Overview

overview

10

Static

static

10

988-58-0x0...ry.dll

windows7-x64

3

988-58-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    988-58-0x0000000000270000-0x0000000000299000-memory.dmp

  • Size

    164KB

  • MD5

    fba5a91e225d11f257bd1ce20d0e2537

  • SHA1

    4bef5c5ab313cc66d855be3074896c05da69a624

  • SHA256

    3b3ef019972ec4c2583e6d4c99b349c54fb7c0d0645b4d36878abe41bec7811d

  • SHA512

    3be47c4538eb2480d03f19e9682d6b2c70fb0a5ac3d8be568db7a320661c1033706094b7640e5b9538cfdb388ad88a8bdd5bad10aaf814e5e6609546eb9859a6

  • SSDEEP

    3072:AXZYTc5Fvc45shqLuAvJp//dagTBfNE/64AO/ya:0ZcsFvc4lbvJp/dagTBlE//j/

Score
10/10
obama2141666019778qakbot

Malware Config

Extracted

Family

qakbot

Version

403.973

Botnet

obama214

Campaign

1666019778

C2

105.96.221.136:443

37.37.80.2:3389

105.154.56.232:995

41.107.116.19:443

105.103.52.189:443

159.192.204.135:443

41.107.58.251:443

177.152.65.142:443

102.47.218.41:443

176.45.35.243:443

70.173.248.13:443

102.159.77.134:995

220.123.29.76:443

82.12.196.197:443

103.156.237.71:443

149.126.159.254:443

176.44.119.153:443

181.56.171.3:995

190.205.229.67:2222

151.251.50.117:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 988-58-0x0000000000270000-0x0000000000299000-memory.dmp
    .dll windows x86


    Headers

    Sections