Overview

overview

10

Static

static

10

872-58-0x0...ry.dll

windows7-x64

3

872-58-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    872-58-0x0000000000170000-0x000000000019A000-memory.dmp

  • Size

    168KB

  • Sample

    221118-rx9gbsde3z

  • MD5

    cf9d74b71a190efeff41b610389e91fb

  • SHA1

    93486203bbf7b09b56cc328032788e26710f76c4

  • SHA256

    bc92e039a4a5a966566338c65fa8767f71539be5dc4dda7a84e267693aff26f5

  • SHA512

    7763bf2c0e4ef0d110465d9e3489fa128f4f76c0c0de5613785e8d98224e142ce7cd66fb8af43384a0363c48eacc92d3825b530490f4f98e3e36fab4f67b03c7

  • SSDEEP

    3072:u4+rkxEnGHr/sfQwF5iFz9C98kP+EuDWQuvAmJXBdncTBfdQva83YKO/yaa:HxEnGHr/sfQw4z9ED29WQuYmJRdncTBe

Score
10/10
qakbotbb061668752705

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668752705

C2

98.147.155.235:443

49.175.72.56:443

82.31.37.241:443

73.36.196.11:443

2.84.98.228:2222

188.54.79.88:995

184.153.132.82:443

74.66.134.24:443

172.117.139.142:995

12.172.173.82:990

24.64.114.59:3389

12.172.173.82:2087

78.92.133.215:443

24.64.114.59:2222

50.68.204.71:995

105.184.161.242:443

12.172.173.82:22

221.161.103.6:443

98.145.23.67:443

73.161.176.218:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      872-58-0x0000000000170000-0x000000000019A000-memory.dmp

    • Size

      168KB

    • MD5

      cf9d74b71a190efeff41b610389e91fb

    • SHA1

      93486203bbf7b09b56cc328032788e26710f76c4

    • SHA256

      bc92e039a4a5a966566338c65fa8767f71539be5dc4dda7a84e267693aff26f5

    • SHA512

      7763bf2c0e4ef0d110465d9e3489fa128f4f76c0c0de5613785e8d98224e142ce7cd66fb8af43384a0363c48eacc92d3825b530490f4f98e3e36fab4f67b03c7

    • SSDEEP

      3072:u4+rkxEnGHr/sfQwF5iFz9C98kP+EuDWQuvAmJXBdncTBfdQva83YKO/yaa:HxEnGHr/sfQw4z9ED29WQuYmJRdncTBe

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks