Overview

overview

10

Static

static

10

1516-57-0x...ry.dll

windows7-x64

3

1516-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1516-57-0x00000000001C0000-0x00000000001EA000-memory.dmp

  • Size

    168KB

  • Sample

    221118-hdlrgscf7x

  • MD5

    bff27e5f12020bb930823b34539c6461

  • SHA1

    7e8e858e56991e6a8dc852a699c5070ec799948e

  • SHA256

    5534d676266b12fd748c3b3ac9c77ee661e8f2ab6aa06ca77e69b872d05b3d06

  • SHA512

    f6089a27afff68bd16d86e8b1743f75ce033d38fbc54490ef2449de5db31aea44c08ca948b267828e47f130169bd9d457856c21761035ea0993c3d8141e9c432

  • SSDEEP

    3072:U4uOcRaqajLtA8bGVg+gAYJgGrrYTBf5Pva83J3O/yat:WazvC6GVg+VYJxrrYTBR683Je/

Score
10/10
qakbotbb061668610672

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668610672

C2

87.243.146.59:443

90.104.22.28:2222

200.93.14.206:2222

86.171.75.63:443

92.185.204.18:2078

86.225.214.138:2222

152.170.17.136:443

92.27.86.48:2222

76.80.180.154:995

71.31.101.183:443

91.254.215.167:443

73.22.121.210:443

87.202.101.164:50000

24.228.132.224:2222

70.121.198.103:2078

186.28.85.119:995

193.251.52.34:2222

98.211.64.94:443

172.117.139.142:995

70.51.153.72:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1516-57-0x00000000001C0000-0x00000000001EA000-memory.dmp

    • Size

      168KB

    • MD5

      bff27e5f12020bb930823b34539c6461

    • SHA1

      7e8e858e56991e6a8dc852a699c5070ec799948e

    • SHA256

      5534d676266b12fd748c3b3ac9c77ee661e8f2ab6aa06ca77e69b872d05b3d06

    • SHA512

      f6089a27afff68bd16d86e8b1743f75ce033d38fbc54490ef2449de5db31aea44c08ca948b267828e47f130169bd9d457856c21761035ea0993c3d8141e9c432

    • SSDEEP

      3072:U4uOcRaqajLtA8bGVg+gAYJgGrrYTBf5Pva83J3O/yat:WazvC6GVg+VYJxrrYTBR683Je/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks