Overview

overview

10

Static

static

10

544-57-0x0...ry.dll

windows7-x64

1

544-57-0x0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    544-57-0x0000000000720000-0x000000000074A000-memory.dmp

  • Size

    168KB

  • MD5

    73995d93ca2d18181e1a94d43222a23e

  • SHA1

    9f0a346922d63133eeef2128df6cdec06fefb563

  • SHA256

    1f5d5f6ab92b6633b3e412d86863af410247102fea494c7d6fe8789d4fbd4e4e

  • SHA512

    2339feeb5faf01ee632f821e7899a7252bd804b99185a185fa17698f2ba8ed8ace66530e5e92b262198972fb62f336c0d36a59f312962faf979a6aab927deeca

  • SSDEEP

    3072:0/FzSaAl/QpuwaKVPU/HXLa/juAeJz9ZHZoTBf1yg4QO/yaUX1:izaPKK/HXLabbeJZZHZoTBNy/z/

Score
10/10
obama2191667198792qakbot

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

obama219

Campaign

1667198792

C2

84.35.26.14:995

24.206.27.39:443

1.175.205.2:13825

187.1.1.58:63347

144.202.15.58:443

1.156.216.39:30467

186.18.210.16:443

1.181.56.171:771

187.1.1.112:36280

206.1.251.127:2087

187.0.1.167:15088

190.207.196.66:2222

187.0.1.41:25933

102.156.43.188:443

187.0.1.93:40032

156.220.245.93:993

187.1.1.188:12600

189.148.124.243:2222

24.69.87.61:443

187.0.1.78:45959
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 544-57-0x0000000000720000-0x000000000074A000-memory.dmp
    .dll windows x86


    Headers

    Sections