Overview

overview

10

Static

static

10

2028-57-0x...ry.dll

windows7-x64

3

2028-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2028-57-0x0000000000340000-0x000000000036A000-memory.dmp

  • Size

    168KB

  • MD5

    bf7690922fc17399a30e19bf19f19c8e

  • SHA1

    1a592d4c476660e5a2edfa1c8401eaa0901b8712

  • SHA256

    01918c23428198fd21f1ba0799f78d3f34a6ab94d4af3410d47945f7c2e70704

  • SHA512

    4836b9734a246f0c1d5fa4eb98d0e04b9d432f5cc8cb675548918ad88a92b37cb8cffce741c0ca6a1d6803966271abc79d62c7611cb367005b51597ab4fe3c94

  • SSDEEP

    3072:S/uuh+LdL3hSVNrkHF3tAsAOJlFrmUTBfZAgvYXEO/yavX1:w8LdLRiGHF3tApOJDrmUTBxACYXv/

Score
10/10
bb051667208557qakbot

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

BB05

Campaign

1667208557

C2

174.77.209.5:443

187.0.1.74:23795

24.206.27.39:443

1.156.220.169:30723

156.216.39.119:995

58.186.75.42:443

1.156.197.160:30467

187.1.1.190:4844

186.18.210.16:443

1.181.56.171:771

90.165.109.4:2222

187.0.1.186:39742

87.57.13.215:443

187.0.1.207:52344

227.26.3.227:1

98.207.190.55:443

187.0.1.197:7017

188.49.56.189:443

102.156.160.115:443

187.0.1.24:17751
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 2028-57-0x0000000000340000-0x000000000036A000-memory.dmp
    .dll windows x86


    Headers

    Sections