Overview

overview

10

Static

static

10

1156-56-0x...ry.exe

windows7-x64

1156-56-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1156-56-0x0000000000400000-0x000000000045A000-memory.dmp

  • Size

    360KB

  • Sample

    220831-delqnafhcj

  • MD5

    7b0371d53c760b0ea454ac597adf8215

  • SHA1

    89852eb62c692257e75eeff958be130fd4c58593

  • SHA256

    5ad900fc99e63285fb5d95e204b51d27b05fbf35d51c06793e3e8efb38f23a33

  • SHA512

    3dd738a11a6ef2a87e901878881f65cf4f018ec9857fa88aadfe797083d3d5a80412a28a80800d2c7dafe13d8963dd74a05379afe171addb2274cfd99442796f

  • SSDEEP

    6144:XcOJG4gtS9Zn37rgB1jK5RmuEoN9lftkf4/tb1L5S:XcDlwZnmhK5Ra89Uf4TLQ

Score
10/10
qakbotabc0271604574287

Malware Config

Extracted

Family

qakbot

Version

325.59

Botnet

abc027

Campaign

1604574287

C2

93.86.252.177:995

184.98.97.227:995

188.25.24.21:2222

1.54.190.204:443

89.137.211.239:443

78.101.234.58:443

41.206.131.166:443

87.27.110.90:2222

47.44.217.98:443

197.45.110.165:995

217.133.54.140:32100

41.97.170.119:443

185.246.9.69:995

90.53.232.130:2222

72.186.1.237:443

144.139.230.139:443

86.164.27.33:2222

185.105.131.233:443

90.146.209.224:2222

108.46.145.30:443

Targets

    • Target

      1156-56-0x0000000000400000-0x000000000045A000-memory.dmp

    • Size

      360KB

    • MD5

      7b0371d53c760b0ea454ac597adf8215

    • SHA1

      89852eb62c692257e75eeff958be130fd4c58593

    • SHA256

      5ad900fc99e63285fb5d95e204b51d27b05fbf35d51c06793e3e8efb38f23a33

    • SHA512

      3dd738a11a6ef2a87e901878881f65cf4f018ec9857fa88aadfe797083d3d5a80412a28a80800d2c7dafe13d8963dd74a05379afe171addb2274cfd99442796f

    • SSDEEP

      6144:XcOJG4gtS9Zn37rgB1jK5RmuEoN9lftkf4/tb1L5S:XcDlwZnmhK5Ra89Uf4TLQ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks