Overview

overview

10

Static

static

10

1628-60-0x...ry.dll

windows7-x64

1

1628-60-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1628-60-0x0000000000250000-0x0000000000272000-memory.dmp

  • Size

    136KB

  • Sample

    221005-w8gb5sfbf9

  • MD5

    1f1ef385e88b030060a48b69c5d90605

  • SHA1

    d98c5f08fbef99eff0e967f570d1abd0b253cad8

  • SHA256

    e1b190e37e153532a8daf0acba9a50c2d53c56ed9251ca9cda8940b555b38ba3

  • SHA512

    28b8ec5ffe91efc3f3be7c88f504f4b2531d39c77b86b169e86b80e06658ad08de5a893a0dfccba5123a03a525fba2fcd38f21e117199754162569cf0728f860

  • SSDEEP

    1536:v6iewaEqCCOJsYuZSiySxmimZ5wBnBAW5KbJ9/r9fHIO8nToIfZYxCmt/+qHu:vEaJbiySMimZyBBAtJBr1pQTBfZXig

Score
10/10
qakbot

Malware Config

Extracted

Family

qakbot

C2

70.238.223.142:65113

108.212.133.125:43749

91.204.181.165:28980

227.138.255.213:57594

252.124.102.160:59802

84.56.235.30:702

40.12.38.164:4225

163.55.16.87:6230

235.167.221.218:44172

113.34.86.36:44766

3.198.145.208:34010

194.217.45.198:36220

198.194.188.181:22851

149.133.92.184:61270

135.120.183.211:3151

45.206.222.245:43045

246.179.112.12:64397

88.106.24.76:30867

140.20.244.190:8098

218.91.78.249:2943
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1628-60-0x0000000000250000-0x0000000000272000-memory.dmp

    • Size

      136KB

    • MD5

      1f1ef385e88b030060a48b69c5d90605

    • SHA1

      d98c5f08fbef99eff0e967f570d1abd0b253cad8

    • SHA256

      e1b190e37e153532a8daf0acba9a50c2d53c56ed9251ca9cda8940b555b38ba3

    • SHA512

      28b8ec5ffe91efc3f3be7c88f504f4b2531d39c77b86b169e86b80e06658ad08de5a893a0dfccba5123a03a525fba2fcd38f21e117199754162569cf0728f860

    • SSDEEP

      1536:v6iewaEqCCOJsYuZSiySxmimZ5wBnBAW5KbJ9/r9fHIO8nToIfZYxCmt/+qHu:vEaJbiySMimZyBBAtJBr1pQTBfZXig

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks