Overview

overview

10

Static

static

10

2028-57-0x...ry.dll

windows7-x64

1

2028-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2028-57-0x0000000000190000-0x00000000001B2000-memory.dmp

  • Size

    136KB

  • Sample

    220912-tgkjdahchr

  • MD5

    fa2767faff861611df0feee8332f4d99

  • SHA1

    51499e5a47f5d2394c2da1e743a1f69f4b5a85d0

  • SHA256

    7e6823ef3fd61c585a8a0dbc300ae497c446c40488c334cf11b665ab1276b902

  • SHA512

    2a9ff61d8b9ff62871284be983e76f3d0499b9a1dab72ce0899d3d1ba30b6ce42ef6e79603fd7b842910e0c9aa92e0623a7c2e981f9b01bcea5f66775cc283e1

  • SSDEEP

    3072:MIB2eaBXiqqAiKB8C+AdlJuYlZMYTBfZCg2:j2/yfAiK9LvJhlZMYTBxCg2

Score
10/10
qakbotbb1662992461

Malware Config

Extracted

Family

qakbot

Version

403.868

Botnet

BB

Campaign

1662992461

C2

41.97.64.224:443

191.97.234.238:995

89.211.219.157:2222

193.3.19.37:443

70.51.137.118:2222

99.232.140.205:2222

175.110.231.67:443

196.92.172.24:8443

179.111.111.88:32101

134.35.11.110:443

84.38.133.191:443

102.188.100.131:995

197.94.210.133:443

200.161.62.126:32101

194.49.79.231:443

41.248.89.135:443

81.131.161.131:2078

86.98.156.176:993

37.210.148.30:995

81.214.220.237:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      2028-57-0x0000000000190000-0x00000000001B2000-memory.dmp

    • Size

      136KB

    • MD5

      fa2767faff861611df0feee8332f4d99

    • SHA1

      51499e5a47f5d2394c2da1e743a1f69f4b5a85d0

    • SHA256

      7e6823ef3fd61c585a8a0dbc300ae497c446c40488c334cf11b665ab1276b902

    • SHA512

      2a9ff61d8b9ff62871284be983e76f3d0499b9a1dab72ce0899d3d1ba30b6ce42ef6e79603fd7b842910e0c9aa92e0623a7c2e981f9b01bcea5f66775cc283e1

    • SSDEEP

      3072:MIB2eaBXiqqAiKB8C+AdlJuYlZMYTBfZCg2:j2/yfAiK9LvJhlZMYTBxCg2

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks