Overview

overview

10

Static

static

10

1436-57-0x...ry.dll

windows7-x64

1

1436-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1436-57-0x00000000002D0000-0x00000000002F2000-memory.dmp

  • Size

    136KB

  • Sample

    220916-r3x1gsgac4

  • MD5

    ad3c57bdd39e7d7a3272eec21bdb1aa9

  • SHA1

    c066aa9b5a2c709f10d1dfa6ce724e901a0919ab

  • SHA256

    b7930313d46d3141a559b69c16973fb236ca120e8d75e06b69ae7392de7be026

  • SHA512

    dac63a8ebd71cb1a982cb27b46960f36d7230e7c9e9f76bec076dc38a142137f78eb85a0ef3144f4719ee68cd9c683ac9f1a1221483f697d3efd957f6fe5f174

  • SSDEEP

    3072:07c52SR3O2MpAGJJIeVkFTBfZHecjuG6:+c5xR3OdiGJeeVkFTBx+cq

Score
10/10
qakbotbb1663323048

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663323048

C2

200.161.62.126:32101

70.51.132.197:2222

78.100.228.93:995

78.100.225.34:2222

179.111.111.88:32101

102.38.97.72:995

217.165.68.125:993

193.3.19.37:443

70.49.33.200:2222

31.54.39.153:2078

99.232.140.205:2222

119.82.111.158:443

134.35.10.207:443

45.51.148.111:993

186.154.92.181:443

66.181.164.43:443

41.96.56.224:443

88.231.221.198:995

76.169.76.44:2222

68.53.110.74:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1436-57-0x00000000002D0000-0x00000000002F2000-memory.dmp

    • Size

      136KB

    • MD5

      ad3c57bdd39e7d7a3272eec21bdb1aa9

    • SHA1

      c066aa9b5a2c709f10d1dfa6ce724e901a0919ab

    • SHA256

      b7930313d46d3141a559b69c16973fb236ca120e8d75e06b69ae7392de7be026

    • SHA512

      dac63a8ebd71cb1a982cb27b46960f36d7230e7c9e9f76bec076dc38a142137f78eb85a0ef3144f4719ee68cd9c683ac9f1a1221483f697d3efd957f6fe5f174

    • SSDEEP

      3072:07c52SR3O2MpAGJJIeVkFTBfZHecjuG6:+c5xR3OdiGJeeVkFTBx+cq

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks