Overview

overview

10

Static

static

10

532-59-0x0...ry.dll

windows7-x64

3

532-59-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    532-59-0x0000000000240000-0x000000000026A000-memory.dmp

  • Size

    168KB

  • Sample

    221116-w2ngwacd32

  • MD5

    95d1f7e61258eb4871d928deae3796d7

  • SHA1

    767bc6686e7c7af10e8ea4fab5c313089866b114

  • SHA256

    9879d41f0affbe21b43686e7c6cea18d6bd33af480875436add7b3f9b87a0740

  • SHA512

    570eba2fdcc02d7a13e7412577b5d7cc86a8b2fdd0d98e51341519a55c9863a8e36cd8e84835c6699a3ee2afdc930e8f8baccc709ab6dec84df613ed5ce7f42c

  • SSDEEP

    3072:04+WEpyaCbTtAcyCkt9F4A4JouLfITBf5nva83hwO/yat:ey7/yyW9Fd4JRLfITBRS83hT/

Score
10/10
qakbotbb061668610672

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668610672

C2

87.243.146.59:443

90.104.22.28:2222

200.93.14.206:2222

86.171.75.63:443

92.185.204.18:2078

86.225.214.138:2222

152.170.17.136:443

92.27.86.48:2222

76.80.180.154:995

71.31.101.183:443

91.254.215.167:443

73.22.121.210:443

87.202.101.164:50000

24.228.132.224:2222

70.121.198.103:2078

186.28.85.119:995

193.251.52.34:2222

98.211.64.94:443

172.117.139.142:995

70.51.153.72:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      532-59-0x0000000000240000-0x000000000026A000-memory.dmp

    • Size

      168KB

    • MD5

      95d1f7e61258eb4871d928deae3796d7

    • SHA1

      767bc6686e7c7af10e8ea4fab5c313089866b114

    • SHA256

      9879d41f0affbe21b43686e7c6cea18d6bd33af480875436add7b3f9b87a0740

    • SHA512

      570eba2fdcc02d7a13e7412577b5d7cc86a8b2fdd0d98e51341519a55c9863a8e36cd8e84835c6699a3ee2afdc930e8f8baccc709ab6dec84df613ed5ce7f42c

    • SSDEEP

      3072:04+WEpyaCbTtAcyCkt9F4A4JouLfITBf5nva83hwO/yat:ey7/yyW9Fd4JRLfITBRS83hT/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks