Overview

overview

10

Static

static

10

1948-57-0x...ry.dll

windows7-x64

1

1948-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1948-57-0x00000000003A0000-0x00000000003C2000-memory.dmp

  • Size

    136KB

  • MD5

    58cd2d90fca8d36f13e407d06508344d

  • SHA1

    0f963e89c19accebf08d9adbd8d39ee0897bef42

  • SHA256

    06e04db81b6a55aea5f6cfb170859b0cb6b44683c8fe08dc4a3518da91c41a94

  • SHA512

    2601a623c318827da97952fbb198ac3e8f5ae2f74e64b59b45819e471ff5acc4920e7284cb7e13de6f2ad9ab3ae085cb298c1244b2003e4c405d5ee304e82ce8

  • SSDEEP

    3072:8TQPkX3eKVEvTYU8WAzJdD3O1TBfVlwj:nPkHxVEvTKTzJ53O1TBtlwj

Score
10/10
bb1663774884qakbot

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1663774884

C2

70.49.33.200:2222

181.118.183.123:443

99.232.140.205:2222

31.54.39.153:2078

173.218.180.91:443

193.3.19.37:443

134.35.8.88:443

41.97.152.42:443

70.51.132.197:2222

41.111.74.35:995

189.19.189.222:32101

105.156.139.150:443

217.165.68.59:993

119.82.111.158:443

111.125.157.230:443

125.25.129.70:443

197.94.84.128:443

177.255.14.99:995

187.205.222.100:443

190.44.40.48:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1948-57-0x00000000003A0000-0x00000000003C2000-memory.dmp
    .dll windows x86


    Headers

    Sections