Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

1416-57-0x...ry.dll

windows7-x64

1

1416-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1416-57-0x00000000001A0000-0x00000000001C2000-memory.dmp

  • Size

    136KB

  • Sample

    221006-tncgcahhb7

  • MD5

    39a19a3c24e6aa2c23c65622adbcaccb

  • SHA1

    8804d9c3e451f6f2869d6b4c0a820ef98d287112

  • SHA256

    34c564c78cef958f7b977d1f5d8663c7b5da0852aea6661d77029af8ffe5a713

  • SHA512

    a1f68975b1bbc820ee4bab82ec40c90610bbfef0ee6b151ee76f7dd47ec021c12a5a52719fa602a3fdcb4c509b6b42d1092f51f1e5e5f88dc9e738f0fb74f5bd

  • SSDEEP

    3072:Vi60vdATaEtRzQUtsA23Jpp3q8TBfVjYSw:V2AOMRzQWp23JX3q8TBtESw

Score
10/10
qakbot

Malware Config

Extracted

Family

qakbot

C2

78.94.148.92:1753

134.180.185.240:32987

201.136.101.182:38323

124.77.95.5:46163

196.90.29.190:30693

187.144.110.117:36330

10.44.33.140:65267

162.117.200.91:29984

159.254.223.192:31154

11.239.81.233:37

31.248.76.23:24072

224.77.182.18:55579

124.230.27.11:44408

205.255.39.94:54675

192.1.213.104:14212

145.3.120.239:20068

242.199.30.106:9157

243.240.195.106:42825

74.234.32.185:42698

102.51.5.67:47820
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1416-57-0x00000000001A0000-0x00000000001C2000-memory.dmp

    • Size

      136KB

    • MD5

      39a19a3c24e6aa2c23c65622adbcaccb

    • SHA1

      8804d9c3e451f6f2869d6b4c0a820ef98d287112

    • SHA256

      34c564c78cef958f7b977d1f5d8663c7b5da0852aea6661d77029af8ffe5a713

    • SHA512

      a1f68975b1bbc820ee4bab82ec40c90610bbfef0ee6b151ee76f7dd47ec021c12a5a52719fa602a3fdcb4c509b6b42d1092f51f1e5e5f88dc9e738f0fb74f5bd

    • SSDEEP

      3072:Vi60vdATaEtRzQUtsA23Jpp3q8TBfVjYSw:V2AOMRzQWp23JX3q8TBtESw

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks