Overview

overview

10

Static

static

10

1996-57-0x...ry.dll

windows7_x64

1

1996-57-0x...ry.dll

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1996-57-0x0000000000220000-0x0000000000242000-memory.dmp

  • Size

    136KB

  • Sample

    220709-jcas9scghj

  • MD5

    b3943fb781fbaa01c6a8d04b9019ea0c

  • SHA1

    80cdfa9a1f6102958f664c43a6c5c653168542c2

  • SHA256

    0e5fa0d1325e04e7f689bb546e73927b786c7126d4ec2852390046d94c98d9b3

  • SHA512

    57adedd4f66d7ea8dfaa001a5e2fd383db74b6b312a6894582d37435fc9e9bb56983ac7ed6fcf37a8f7b066b7c1e68d112cc2f9e84626aedf0ec2a257047088a

Score
10/10
qakbotobama1991657265474

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

obama199

Campaign

1657265474

C2

121.7.223.45:2222

67.209.195.198:443

148.64.96.100:443

92.132.132.81:2222

217.128.122.65:2222

47.180.172.159:443

173.174.216.62:443

70.46.220.114:443

32.221.224.140:995

69.14.172.24:443

117.248.109.38:21

94.59.15.180:2222

38.70.253.226:2222

217.165.157.202:995

41.228.22.180:443

67.165.206.193:993

172.115.177.204:2222

186.90.153.162:2222

47.23.89.60:993

120.150.218.241:995
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      1996-57-0x0000000000220000-0x0000000000242000-memory.dmp

    • Size

      136KB

    • MD5

      b3943fb781fbaa01c6a8d04b9019ea0c

    • SHA1

      80cdfa9a1f6102958f664c43a6c5c653168542c2

    • SHA256

      0e5fa0d1325e04e7f689bb546e73927b786c7126d4ec2852390046d94c98d9b3

    • SHA512

      57adedd4f66d7ea8dfaa001a5e2fd383db74b6b312a6894582d37435fc9e9bb56983ac7ed6fcf37a8f7b066b7c1e68d112cc2f9e84626aedf0ec2a257047088a

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks