Overview

overview

10

Static

static

10

1696-57-0x...ry.dll

windows7-x64

1

1696-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1696-57-0x0000000000140000-0x0000000000162000-memory.dmp

  • Size

    136KB

  • Sample

    220916-v1j8dsgce9

  • MD5

    1f048c91d926b170fb0f9c56965e4e2e

  • SHA1

    91a2434c1be6ec8488147afc7499b70a28580117

  • SHA256

    a00f1a25b0314bb4268853e91ac8153e85d00d58614c591aa13330abd0da6a0c

  • SHA512

    ac8207746bdeb7cf85c1b4b84cfa812622ecf24aa7018959a45af4c2399a9ee8bf88c11b01c9fb9967f11b82dbabcc5221c790dc95a105ae731d153149660ac6

  • SSDEEP

    1536:eYNzmxnOCJ0+O8q6NdqvtbHxGEHz1hI1BACJMJ8q9ecCIOknToIfp9H0ad7aljz:ewcaD8qG4tbHHC3AVJn9LgITBfpRolj

Score
10/10
qakbotobama2041663313119

Malware Config

Extracted

Family

qakbot

Version

403.892

Botnet

obama204

Campaign

1663313119

C2

119.82.111.158:443

134.35.10.207:443

200.161.62.126:32101

70.51.132.197:2222

78.100.228.93:995

78.100.225.34:2222

45.51.148.111:993

186.154.92.181:443

66.181.164.43:443

217.165.85.223:993

70.49.33.200:2222

193.3.19.37:443

41.96.56.224:443

99.232.140.205:2222

88.231.221.198:995

76.169.76.44:2222

68.53.110.74:995

196.64.237.138:443

190.44.40.48:995

72.88.245.71:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1696-57-0x0000000000140000-0x0000000000162000-memory.dmp

    • Size

      136KB

    • MD5

      1f048c91d926b170fb0f9c56965e4e2e

    • SHA1

      91a2434c1be6ec8488147afc7499b70a28580117

    • SHA256

      a00f1a25b0314bb4268853e91ac8153e85d00d58614c591aa13330abd0da6a0c

    • SHA512

      ac8207746bdeb7cf85c1b4b84cfa812622ecf24aa7018959a45af4c2399a9ee8bf88c11b01c9fb9967f11b82dbabcc5221c790dc95a105ae731d153149660ac6

    • SSDEEP

      1536:eYNzmxnOCJ0+O8q6NdqvtbHxGEHz1hI1BACJMJ8q9ecCIOknToIfp9H0ad7aljz:ewcaD8qG4tbHHC3AVJn9LgITBfpRolj

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks