Overview

overview

10

Static

static

10

1456-57-0x...ry.dll

windows7-x64

3

1456-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1456-57-0x0000000000310000-0x000000000033A000-memory.dmp

  • Size

    168KB

  • MD5

    9d024a21afb415c529b8812c2ff6184f

  • SHA1

    16dc4e4ff05c516533a49e1f3923c42972a0c914

  • SHA256

    7eebc2344d0b047dd77853f835a1aa35b1fca3e0d728306ba21fda59dc264ac4

  • SHA512

    7aee607a4e4dc3602256644f94ce58613fbaffc68de7025e7b43dc53a89dfae7d9ee8ad5bd9d50a317a9be6ec035a85d571a2f1f82ee3c345a237c3a3e13fc2c

  • SSDEEP

    3072:yxwvwKdT3JSNdWmbaY9AxJmG1D7TTBfJsgWEO/yan:6E3Y+mbaYexJT1D7TTBBsxv/f

Score
10/10
bb051667543522qakbot

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667543522

C2

190.199.161.250:993

139.216.164.122:443

187.1.1.50:9621

24.142.218.202:443

187.1.1.174:25967

80.0.74.165:443

1.92.239.222:45313

86.225.214.138:2222

1.45.49.137:20481

201.102.237.203:443

187.0.1.84:53556

105.184.161.175:443

187.0.1.41:59046

154.247.15.173:995

1.154.247.15:44413

67.10.175.47:2222

187.1.1.73:42359

75.156.125.215:995

1.50.68.204:18179

75.99.125.238:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1456-57-0x0000000000310000-0x000000000033A000-memory.dmp
    .dll windows x86


    Headers

    Sections