Overview

overview

10

Static

static

10

2044-57-0x...ry.dll

windows7-x64

1

2044-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2044-57-0x0000000000240000-0x0000000000269000-memory.dmp

  • Size

    164KB

  • MD5

    5445ff95987f0da3ea9915ca81ee9366

  • SHA1

    d25e5b172af199fca7cbbe86f99275fce10e93a4

  • SHA256

    1cbb64bee2983df224f64f57ea22f9942cfaf85f1bd127ee0ed67c0f625ce4d6

  • SHA512

    ea78d0030028a178ee0b95d2ffbf809a5eacc56857b2ab2f7acd5e918ca0eb991d4051bdb5e167ea5084cd19a31f9137a2c653a399248fe73159de63578b9b32

  • SSDEEP

    3072:rTRokcHtFiWwA3JK7L+nTBf5Iy3pO/ya:/R9cHtLF3JaL+nTBRX3A/

Score
10/10
obama2151666597712qakbot

Malware Config

Extracted

Family

qakbot

Version

403.1051

Botnet

obama215

Campaign

1666597712

C2

156.220.185.41:993

37.8.67.5:443

156.197.230.148:995

27.110.134.202:995

172.117.139.142:995

208.78.220.120:443

105.111.102.145:443

102.157.250.192:995

58.247.115.126:995

2.88.206.121:443

189.110.3.60:2222

190.207.137.189:2222

105.98.89.54:443

190.74.248.136:443

189.129.38.158:2222

200.109.204.20:2222

105.103.63.213:443

190.27.103.174:995

206.1.175.95:443

167.58.254.85:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 2044-57-0x0000000000240000-0x0000000000269000-memory.dmp
    .dll windows x86


    Headers

    Sections