Overview

overview

10

Static

static

10

1148-57-0x...ry.dll

windows7-x64

1

1148-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1148-57-0x00000000003A0000-0x00000000003C2000-memory.dmp

  • Size

    136KB

  • Sample

    220715-3l8w7sfca3

  • MD5

    8b2af8718c8f5345851db4aa077970ea

  • SHA1

    d44f46f7573414f443e3e1e999b5fafd35292f1d

  • SHA256

    e444d49db7239e7bb918d79f3b5b41facd76d913ac3baeb7d270d6a92b6a4d26

  • SHA512

    0a10899a24fd8efcd8dd87f91fdd076e14aac88e03b3c19ac78702c8eed5914739388026d23eb1dfbcd7d8f9f2835b482988400139849037c25447ce89e37102

Score
10/10
qakbotvip011657631718

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

vip01

Campaign

1657631718

C2

47.23.89.60:993

37.34.253.233:443

196.203.37.215:80

89.211.209.234:2222

81.158.239.251:2078

179.111.8.52:32101

208.107.221.224:443

24.158.23.166:995

66.230.104.103:443

92.132.132.81:2222

24.139.72.117:443

174.80.15.101:2083

24.178.196.158:2222

100.38.242.113:995

37.186.58.99:995

24.55.67.176:443

74.14.5.179:2222

172.114.160.81:443

40.134.246.185:995

63.143.92.99:995
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      1148-57-0x00000000003A0000-0x00000000003C2000-memory.dmp

    • Size

      136KB

    • MD5

      8b2af8718c8f5345851db4aa077970ea

    • SHA1

      d44f46f7573414f443e3e1e999b5fafd35292f1d

    • SHA256

      e444d49db7239e7bb918d79f3b5b41facd76d913ac3baeb7d270d6a92b6a4d26

    • SHA512

      0a10899a24fd8efcd8dd87f91fdd076e14aac88e03b3c19ac78702c8eed5914739388026d23eb1dfbcd7d8f9f2835b482988400139849037c25447ce89e37102

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks