Overview

overview

10

Static

static

10

608-58-0x0...ry.dll

windows7-x64

3

608-58-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    608-58-0x00000000002F0000-0x000000000031A000-memory.dmp

  • Size

    168KB

  • Sample

    221118-qpm3pahd72

  • MD5

    de6a538e416174d1224990910fb7c7da

  • SHA1

    c88864d1a28eb3117817212bd6222fa81b3b3bb7

  • SHA256

    1014b41fe4f40af29b5f9ef195ab9b5a1ff4ac9a8bfe693a75930cb78443d51b

  • SHA512

    f58e082bbf0400d107ab78ca99c1a9e5e4cc191661b437e1661f744b91032c9bbd3746235aa16f7597736e065264a7df22f17a410bb2382c57f8a675155da172

  • SSDEEP

    3072:+4+TH0hC1UsfeEPEWouv3AGJfJNKsTBfd4va83Q2O/yaa:rh8jGKEWoWwGJhNKsTBVz83Q5/S

Score
10/10
qakbotbb061668752705

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668752705

C2

98.147.155.235:443

49.175.72.56:443

82.31.37.241:443

73.36.196.11:443

2.84.98.228:2222

188.54.79.88:995

184.153.132.82:443

74.66.134.24:443

172.117.139.142:995

12.172.173.82:990

24.64.114.59:3389

12.172.173.82:2087

78.92.133.215:443

24.64.114.59:2222

50.68.204.71:995

105.184.161.242:443

12.172.173.82:22

221.161.103.6:443

98.145.23.67:443

73.161.176.218:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      608-58-0x00000000002F0000-0x000000000031A000-memory.dmp

    • Size

      168KB

    • MD5

      de6a538e416174d1224990910fb7c7da

    • SHA1

      c88864d1a28eb3117817212bd6222fa81b3b3bb7

    • SHA256

      1014b41fe4f40af29b5f9ef195ab9b5a1ff4ac9a8bfe693a75930cb78443d51b

    • SHA512

      f58e082bbf0400d107ab78ca99c1a9e5e4cc191661b437e1661f744b91032c9bbd3746235aa16f7597736e065264a7df22f17a410bb2382c57f8a675155da172

    • SSDEEP

      3072:+4+TH0hC1UsfeEPEWouv3AGJfJNKsTBfd4va83Q2O/yaa:rh8jGKEWoWwGJhNKsTBVz83Q5/S

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks