Overview

overview

10

Static

static

10

900-57-0x0...ry.dll

windows7-x64

1

900-57-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    900-57-0x0000000000490000-0x00000000004B9000-memory.dmp

  • Size

    164KB

  • MD5

    c6f7dfca53586b25dfc4a65e17926f2e

  • SHA1

    695128a9edfa02b533b72aaaa60eca45c2dd04a0

  • SHA256

    6dccf0c27f970dcc966b65562112bd1b9851f74a8545bf714ec866123fb52965

  • SHA512

    5ee48b74ce6b32749baa321f7b81054c841dbe2623d1056db69d8f5c1a795c00a2a7434c88d92a9319c40a8e3688148a286f1d853f008c7bf1cbd0a874b7ee4c

  • SSDEEP

    3072:3DvTBWmVY8wKRPYAvJT1lwgTBfZK/6ogO/ya:zvTBW+TwK99vJhlwgTBxK/vD/

Score
10/10
obama2131665998932qakbot

Malware Config

Extracted

Family

qakbot

Version

403.973

Botnet

obama213

Campaign

1665998932

C2

70.173.248.13:443

219.71.108.177:443

206.1.189.186:443

14.246.151.175:443

102.159.77.134:995

200.233.108.153:993

134.35.3.85:443

190.199.186.117:2222

200.155.61.245:995

103.156.237.71:443

176.44.119.153:443

181.56.171.3:995

151.251.50.117:443

163.182.177.80:443

104.202.220.123:443

41.101.92.195:443

190.193.180.228:443

190.204.112.207:2222

41.97.56.102:443

41.69.209.76:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 900-57-0x0000000000490000-0x00000000004B9000-memory.dmp
    .dll windows x86


    Headers

    Sections