Overview

overview

10

Static

static

10

1156-57-0x...ry.dll

windows7-x64

1

1156-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1156-57-0x0000000000960000-0x0000000000989000-memory.dmp

  • Size

    164KB

  • MD5

    9ac535b69dfae8ca4070e1ca042a624e

  • SHA1

    219f4175e34ef153e7906f9e591905d73576ab6a

  • SHA256

    2ec70f8d4caefec8796d69803e74d4445403f7aa54e4dc44f67efa99992b22a2

  • SHA512

    9a6bfa09640b2a389b41e841df9ecb310e322186e686774050b6ea1c31b3cefb8a887baab9ed9465a45af226794c6d3043788dca45218890f3b6b2d163627bc4

  • SSDEEP

    3072:D04kE+4YVJmcz7KXnCwrmAoJwiXNETBftSrMQO/yaY/fT:M4YDTzmXCoDoJhXNETBFSrMz/g/

Score
10/10
obama2181666870886qakbot

Malware Config

Extracted

Family

qakbot

Version

404.2

Botnet

obama218

Campaign

1666870886

C2

24.206.27.39:443

1.102.156.146:8707

187.1.1.118:44751

172.117.139.142:995

1.181.118.183:31745

45.35.97.45:443

187.0.1.27:28294

58.247.115.126:995

1.24.9.220:42753

187.1.1.186:48208

112.141.184.246:995

201.223.169.238:32100

68.62.199.70:443

45.49.137.80:443

187.0.1.172:28709

102.159.236.29:443

183.242.1.187:1

186.48.161.130:995

191.33.187.192:2222

154.181.228.27:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1156-57-0x0000000000960000-0x0000000000989000-memory.dmp
    .dll windows x86


    Headers

    Sections