Overview

overview

10

Static

static

10

1932-57-0x...ry.dll

windows7-x64

1

1932-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1932-57-0x0000000000180000-0x00000000001A2000-memory.dmp

  • Size

    136KB

  • MD5

    b2b343e943d726fb838127c55dc02cef

  • SHA1

    f7219da856c84f7eeb731f9dbed1a777ea71d886

  • SHA256

    37a749e90e5dd1e01aa891cda48c8fa847768a9edd78242b99f336c4d1276ee7

  • SHA512

    7d625ccf348ff594a3631eb3504b36e5bd8a217d3a7d08b991831c0f0b51be60b6b95e3c170639f0308cca5ef1ff147822594da36b7de24cab9ec1faf4f787c5

  • SSDEEP

    3072:bGMSR+uT3KRH67raQytXlYfpKYDMtTBfpdGz+:iUhRH6Xlamfp5DMtTBBdG

Score
10/10
obama2061663660089qakbot

Malware Config

Extracted

Family

qakbot

Version

403.894

Botnet

obama206

Campaign

1663660089

C2

119.82.111.158:443

66.181.164.43:443

181.118.183.123:443

88.245.168.200:2222

70.49.33.200:2222

193.3.19.37:443

99.232.140.205:2222

110.4.255.247:443

134.35.9.144:443

89.211.217.38:995

64.207.215.69:443

83.110.219.59:993

197.94.84.128:443

177.255.14.99:995

41.103.226.172:443

109.155.5.164:993

190.44.40.48:995

187.205.222.100:443

41.107.78.223:995

191.97.234.238:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1932-57-0x0000000000180000-0x00000000001A2000-memory.dmp
    .dll windows x86


    Headers

    Sections