Overview

overview

10

Static

static

10

1492-57-0x...ry.dll

windows7_x64

3

1492-57-0x...ry.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1492-57-0x0000000002160000-0x00000000021EF000-memory.dmp

  • Size

    572KB

  • Sample

    220427-vlc6jaeba5

  • MD5

    a0579ea4388fe2df826c111567ec2138

  • SHA1

    aa6802fd3636f4c4ef14388b9f85dd58e5e143aa

  • SHA256

    c4b91479c41843fdbd24db48694706c447317c838ee53878f05ac527e8d272f2

  • SHA512

    089f64ebd1f7c970b8ce60f3611ab4a193a7dc4633fcc0910700032b6f04d51c3745c438a217c86d2e02e920a908bf5c15a51ea8cc5af1e575dfe4f1bd63d3e7

Score
10/10
qakbottzr011649312144

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

tzr01

Campaign

1649312144

C2

140.82.49.12:443

182.191.92.203:995

176.67.56.94:443

148.64.96.100:443

47.180.172.159:443

47.23.89.62:995

181.118.183.98:443

1.161.121.58:995

96.21.251.127:2222

119.158.126.69:995

41.228.22.180:443

176.88.238.122:995

66.98.42.102:443

83.110.85.209:443

208.107.221.224:443

172.115.177.204:2222

73.67.152.98:2222

176.205.119.81:2078

46.107.48.202:443

81.215.196.174:443
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      1492-57-0x0000000002160000-0x00000000021EF000-memory.dmp

    • Size

      572KB

    • MD5

      a0579ea4388fe2df826c111567ec2138

    • SHA1

      aa6802fd3636f4c4ef14388b9f85dd58e5e143aa

    • SHA256

      c4b91479c41843fdbd24db48694706c447317c838ee53878f05ac527e8d272f2

    • SHA512

      089f64ebd1f7c970b8ce60f3611ab4a193a7dc4633fcc0910700032b6f04d51c3745c438a217c86d2e02e920a908bf5c15a51ea8cc5af1e575dfe4f1bd63d3e7

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks