Overview

overview

10

Static

static

10

1168-57-0x...ry.dll

windows7-x64

1

1168-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1168-57-0x00000000001F0000-0x0000000000212000-memory.dmp

  • Size

    136KB

  • Sample

    220913-qw8b7sfga2

  • MD5

    ea0a659c5da32180079df89a68ca4139

  • SHA1

    5dcab3e0e3927108b4fa9f400c0f3853a092061d

  • SHA256

    e35e64e647d110b02afba9901cde3b37b6bc65d64e1ab9252c3843246450d2d1

  • SHA512

    1480c43be8bc73af3a5b0fd0444066efa06fb387c6ddfb7f32e772ed104b58f8fa3ff19db57657afdaef649516f338dfd9a5385ca84adf8fd2ed1fcef1968f3d

  • SSDEEP

    1536:xRD176oBP/vtCfT5G6bTCI/Ye0PZBA6eEtJtB7zpQIORnToIfNKkegrzgz:xRRvKo6nzYekTAuJP7tG5TBfN9e1z

Score
10/10
qakbotbb1663053540

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663053540

C2

194.49.79.231:443

193.3.19.37:443

99.232.140.205:2222

47.146.182.110:443

84.38.133.191:443

191.97.234.238:995

37.210.148.30:995

64.207.215.69:443

200.161.62.126:32101

88.245.103.132:2222

86.98.156.176:993

175.110.231.67:443

78.100.254.17:2222

191.84.204.214:995

123.240.131.1:443

197.94.210.133:443

196.92.172.24:8443

186.50.245.74:995

70.51.132.197:2222

100.1.5.250:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1168-57-0x00000000001F0000-0x0000000000212000-memory.dmp

    • Size

      136KB

    • MD5

      ea0a659c5da32180079df89a68ca4139

    • SHA1

      5dcab3e0e3927108b4fa9f400c0f3853a092061d

    • SHA256

      e35e64e647d110b02afba9901cde3b37b6bc65d64e1ab9252c3843246450d2d1

    • SHA512

      1480c43be8bc73af3a5b0fd0444066efa06fb387c6ddfb7f32e772ed104b58f8fa3ff19db57657afdaef649516f338dfd9a5385ca84adf8fd2ed1fcef1968f3d

    • SSDEEP

      1536:xRD176oBP/vtCfT5G6bTCI/Ye0PZBA6eEtJtB7zpQIORnToIfNKkegrzgz:xRRvKo6nzYekTAuJP7tG5TBfN9e1z

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks