General

  • Target

    4916-136-0x0000000001150000-0x0000000001179000-memory.dmp

  • Size

    164KB

  • MD5

    46cde508fd9f00e0201d230cb49eeb8c

  • SHA1

    07370e7d1f9b59aa0dec9f5d126941aec50d20d2

  • SHA256

    dec974f46b1f20065377419c3b906066be1ee32abfab8f8cb187c9c4662f638c

  • SHA512

    7b0682fb000644e444f97ef4f999595576bbb494f8d363b3566679740c764a6a4f848188680c1d933a070199fc3dfb86059ad8e3aa88a0da13f6a5aa1e55a52f

  • SSDEEP

    3072:bzQazYYCn1fU6IABVJ2z/DjTBf5gyHeO/ya:/zZCn1PN/Je/DjTBxfHB/

Score
10/10

Malware Config

Extracted

Family

qakbot

Version

403.1051

Botnet

BB04

Campaign

1666690935

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 4916-136-0x0000000001150000-0x0000000001179000-memory.dmp
    .dll windows x86

