Overview

overview

10

Static

static

10

1652-57-0x...ry.dll

windows7_x64

1

1652-57-0x...ry.dll

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1652-57-0x0000000001EC0000-0x0000000001EE2000-memory.dmp

  • Size

    136KB

  • Sample

    220608-mb1j3sbce6

  • MD5

    6242bfb3c89f13ef16cd850c1d600185

  • SHA1

    0fa5f9a1d1b5c3a63fc7394bedec112fc734c339

  • SHA256

    2717d782f601c5655b52d7999b99285194663b7e00774df1df212528dad0dac5

  • SHA512

    65ecde1e48299fc6c2479cdccb49c6f701138c3d88b8a1683abeffcebf2a7e38327b391c38405275787424caabf4e4ed5885b403d31e3ba4a18a2aa496f17d85

Score
10/10
qakbotobama1861654596660

Malware Config

Extracted

Family

qakbot

Version

403.694

Botnet

obama186

Campaign

1654596660

C2

67.165.206.193:993

63.143.92.99:995

74.14.5.179:2222

182.191.92.203:995

197.89.8.51:443

89.101.97.139:443

86.97.9.190:443

124.40.244.115:2222

80.11.74.81:2222

41.215.153.104:995

179.100.20.32:32101

31.35.28.29:443

202.134.152.2:2222

109.12.111.14:443

93.48.80.198:995

120.150.218.241:995

41.38.167.179:995

177.94.57.126:32101

173.174.216.62:443

1.161.101.20:443
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      1652-57-0x0000000001EC0000-0x0000000001EE2000-memory.dmp

    • Size

      136KB

    • MD5

      6242bfb3c89f13ef16cd850c1d600185

    • SHA1

      0fa5f9a1d1b5c3a63fc7394bedec112fc734c339

    • SHA256

      2717d782f601c5655b52d7999b99285194663b7e00774df1df212528dad0dac5

    • SHA512

      65ecde1e48299fc6c2479cdccb49c6f701138c3d88b8a1683abeffcebf2a7e38327b391c38405275787424caabf4e4ed5885b403d31e3ba4a18a2aa496f17d85

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks