Overview

overview

10

Static

static

10

1556-99-0x...ry.dll

windows7-x64

1

1556-99-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1556-99-0x0000000000380000-0x00000000003AA000-memory.dmp

  • Size

    168KB

  • MD5

    3817249ed99a7578eebda2cbd6ba7099

  • SHA1

    ec4a12834332f04504cff9190b4db5a5a84f9dfc

  • SHA256

    4eeb022def694cf69c8b859c7dce3f5c208b04ded0868dbb6fe52aadeddca016

  • SHA512

    8400b7693df613c51e3d8292a3368cf71cceac4e12ae119526861b0b263c8ea40b807e5a2d2bf8954002a764293b99eeb7be4c91f3022a8fc6307766a6c58bab

  • SSDEEP

    3072:u/CvYZKFuJNzkZfZ04AeJhZ3bfqsTBfZsgYQO/yaUX1:9YK6uZfZ0deJ73bfqsTBxs3z/

Score
10/10
obama2191667198792qakbot

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

obama219

Campaign

1667198792

C2

84.35.26.14:995

24.206.27.39:443

1.175.205.2:13825

187.1.1.58:63347

144.202.15.58:443

1.156.216.39:30467

186.18.210.16:443

1.181.56.171:771

187.1.1.112:36280

206.1.251.127:2087

187.0.1.167:15088

190.207.196.66:2222

187.0.1.41:25933

102.156.43.188:443

187.0.1.93:40032

156.220.245.93:993

187.1.1.188:12600

189.148.124.243:2222

24.69.87.61:443

187.0.1.78:45959
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1556-99-0x0000000000380000-0x00000000003AA000-memory.dmp
    .dll windows x86


    Headers

    Sections