Overview

overview

10

Static

static

10

1160-58-0x...ry.dll

windows7-x64

3

1160-58-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1160-58-0x00000000001C0000-0x00000000001EA000-memory.dmp

  • Size

    168KB

  • MD5

    b2b4d8a58d90e67ec82b5178784c3475

  • SHA1

    c660c5d8dd7c91c2a9c6ff91e8586972a31278b8

  • SHA256

    f30c116fe8f7b0a0c9eb0058e93b535fab02fdd8783caac10447bddeb29f83d3

  • SHA512

    fb19dab8535b7d4d2bfdb38208a4e92c79debdf62df2d1798e4e55d7a1039f4674a172bb38b2251ce30fe066a5f7fe47978f28656d95f335f285959d2851ed54

  • SSDEEP

    3072:RxcSLq6Rtb0g4fV/F4A/JDfrgnTBf5LgqHO/yaj:Q2m3fV/Fd/JzrgnTBRLFu/b

Score
10/10
bb051667470564qakbot

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667470564

C2

181.118.183.103:443

187.0.1.73:57336

41.44.11.227:995

1.66.180.227:43528

187.0.1.190:19192

174.0.224.214:443

1.175.205.2:13825

109.159.119.162:2222

45.49.137.80:443

1.92.24.200:57859

149.126.159.224:443

1.91.68.227:56065

82.141.152.214:443

212.251.122.147:995

92.185.204.18:2078

1.172.249.99:36616

187.1.1.190:6189

80.0.74.165:443

209.0.1.81:40739

197.204.182.47:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1160-58-0x00000000001C0000-0x00000000001EA000-memory.dmp
    .dll windows x86


    Headers

    Sections