Overview

overview

10

Static

static

10

1696-57-0x...ry.dll

windows7-x64

1

1696-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1696-57-0x00000000001A0000-0x00000000001C2000-memory.dmp

  • Size

    136KB

  • Sample

    220912-vswlfsdga3

  • MD5

    710cefabbf5b7b6082c625d84d109652

  • SHA1

    97c3b5fa47558fdbbb2b04a6fd75e6d1a400e64d

  • SHA256

    10b12baf4e612431b9b0c797b6848be51988e11fb0c7de0f98e3d8db103cabc2

  • SHA512

    f0e3865143d2de29393646400f998b832aca8db43361f2c66609690e3a725ae4030b44df4a4bac682624b7c995d0e50048145b68bd8eb94704138c24f95b2f09

  • SSDEEP

    3072:1QTd6ZaT+KB2wztNutAZJFn3g8TBfVvwJ:OcZaTRMwzt8uZJN3g8TBtvwJ

Score
10/10
qakbotbb1662992461

Malware Config

Extracted

Family

qakbot

Version

403.868

Botnet

BB

Campaign

1662992461

C2

41.97.64.224:443

191.97.234.238:995

89.211.219.157:2222

193.3.19.37:443

70.51.137.118:2222

99.232.140.205:2222

175.110.231.67:443

196.92.172.24:8443

179.111.111.88:32101

134.35.11.110:443

84.38.133.191:443

102.188.100.131:995

197.94.210.133:443

200.161.62.126:32101

194.49.79.231:443

41.248.89.135:443

81.131.161.131:2078

86.98.156.176:993

37.210.148.30:995

81.214.220.237:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1696-57-0x00000000001A0000-0x00000000001C2000-memory.dmp

    • Size

      136KB

    • MD5

      710cefabbf5b7b6082c625d84d109652

    • SHA1

      97c3b5fa47558fdbbb2b04a6fd75e6d1a400e64d

    • SHA256

      10b12baf4e612431b9b0c797b6848be51988e11fb0c7de0f98e3d8db103cabc2

    • SHA512

      f0e3865143d2de29393646400f998b832aca8db43361f2c66609690e3a725ae4030b44df4a4bac682624b7c995d0e50048145b68bd8eb94704138c24f95b2f09

    • SSDEEP

      3072:1QTd6ZaT+KB2wztNutAZJFn3g8TBfVvwJ:OcZaTRMwzt8uZJN3g8TBtvwJ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks