Overview

overview

10

Static

static

10

1712-58-0x...ry.dll

windows7-x64

3

1712-58-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1712-58-0x0000000000380000-0x00000000003AA000-memory.dmp

  • Size

    168KB

  • MD5

    541c5d403767addf667f9014b19463bd

  • SHA1

    a9b824dd52a3ca9630be681779e7f0bef6b777ca

  • SHA256

    c6df16ed118b68ebeed480b3a6d2ba8b0604a6e77d962dff748caed6300c8f98

  • SHA512

    98a09124557a13c5af42aa85d1952aed6e2a5d482144e5222384aee6364eae8488670fde39017038b98a377bc036c78f75600d4bfcc3f8eb9108900fcebebda7

  • SSDEEP

    3072:Jx0OzVT+uNNzkbHZZ0AXJfrHbf/PTBfZngqfO/yaz:jzg2ubHZZhXJzHbf/PTBxn9m/b

Score
10/10
bb051667294768qakbot

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667294768

C2

136.232.184.134:995

1.65.20.175:53249

187.0.1.154:63263

50.68.204.71:995

74.92.243.113:50000

1.149.126.159:57345

187.0.1.182:17093

123.3.240.16:995

76.68.34.167:2222

172.219.147.156:3389

94.49.5.116:443

187.0.1.181:14507

206.1.223.234:2087

187.0.1.186:18828

131.23.1.187:1

23.233.254.195:443

76.125.91.160:443

187.0.1.90:42349

70.51.139.148:2222

187.0.1.76:47526
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1712-58-0x0000000000380000-0x00000000003AA000-memory.dmp
    .dll windows x86


    Headers

    Sections