Overview

overview

10

Static

static

10

880-57-0x0...ry.dll

windows7_x64

1

880-57-0x0...ry.dll

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    880-57-0x0000000000650000-0x0000000000672000-memory.dmp

  • Size

    136KB

  • Sample

    220707-r49qnsbcc8

  • MD5

    bbc9e38c5a79d6327d5d8c8c33caaf22

  • SHA1

    4f429b9031dd6e993b8a24ce6d6a500f68e881ad

  • SHA256

    6b5cbcdc239b818dac89d9ff26808f4951eff882ead7564795389ffbc82674f7

  • SHA512

    885f9c45f0004255a77e0caf421cb70f463ff2ed0b4c445754ffc30a798feafe982aa7c8b101b31f3f1ee9fc7cdd4b777c569c48eb30fa8bacd22f7bd63bbda0

Score
10/10
qakbotobama1941656313665

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

obama194

Campaign

1656313665

C2

70.46.220.114:443

32.221.224.140:995

67.209.195.198:443

186.90.153.162:2222

148.64.96.100:443

67.165.206.193:993

86.200.151.188:2222

80.11.74.81:2222

173.174.216.62:443

45.241.173.232:993

41.228.22.180:443

1.161.81.21:995

24.178.196.158:2222

37.34.253.233:443

93.48.80.198:995

129.208.158.180:995

120.150.218.241:995

38.70.253.226:2222

111.125.245.116:995

47.23.89.60:993
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      880-57-0x0000000000650000-0x0000000000672000-memory.dmp

    • Size

      136KB

    • MD5

      bbc9e38c5a79d6327d5d8c8c33caaf22

    • SHA1

      4f429b9031dd6e993b8a24ce6d6a500f68e881ad

    • SHA256

      6b5cbcdc239b818dac89d9ff26808f4951eff882ead7564795389ffbc82674f7

    • SHA512

      885f9c45f0004255a77e0caf421cb70f463ff2ed0b4c445754ffc30a798feafe982aa7c8b101b31f3f1ee9fc7cdd4b777c569c48eb30fa8bacd22f7bd63bbda0

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks