Overview

overview

10

Static

static

10

1268-58-0x...ry.dll

windows7-x64

3

1268-58-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1268-58-0x0000000000930000-0x000000000095A000-memory.dmp

  • Size

    168KB

  • MD5

    a06b5b0352431c39663e0d467e57f521

  • SHA1

    cf2bb43cc20cc709cf804829cfb0d1a82adc5b56

  • SHA256

    27116a1cdcf63e12b12bca2afb012a45a726aa380b5b6d169dc2132065a8e50b

  • SHA512

    f3640f62a6b8b01da08b43def5b46c8007ad7ac28f583c3e51526e8284e799c11ce42f6f5a0f8b848f9bd5be52c4451d0f62c2dc1c4566f8e2e5db285a95fb9f

  • SSDEEP

    3072:U/ZcYP0qrYtNyu//UZNTrA6RJyu9BcTBf1RgUmO/yaxX1:RYl8qW/UbT8AJD9BcTBNRTp/

Score
10/10
obama2201667373670qakbot

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

obama220

Campaign

1667373670

C2

174.0.224.214:443

1.70.60.142:54792

74.33.84.227:443

1.175.205.2:13825

187.1.1.45:12681

190.24.45.24:995

1.50.68.204:18177

193.3.19.137:443

1.41.44.11:58115

73.165.119.20:443

58.247.115.126:995

1.84.35.26:3587

216.82.134.218:443

1.181.164.194:58369

187.1.1.74:23795

71.199.168.185:443

1.94.49.5:29697

187.0.1.108:11471

186.73.140.43:443

1.97.119.214:59649
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1268-58-0x0000000000930000-0x000000000095A000-memory.dmp
    .dll windows x86


    Headers

    Sections