Overview

overview

10

Static

static

10

872-58-0x0...ry.dll

windows7-x64

3

872-58-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    872-58-0x0000000000170000-0x000000000019A000-memory.dmp

  • Size

    168KB

  • MD5

    cf9d74b71a190efeff41b610389e91fb

  • SHA1

    93486203bbf7b09b56cc328032788e26710f76c4

  • SHA256

    bc92e039a4a5a966566338c65fa8767f71539be5dc4dda7a84e267693aff26f5

  • SHA512

    7763bf2c0e4ef0d110465d9e3489fa128f4f76c0c0de5613785e8d98224e142ce7cd66fb8af43384a0363c48eacc92d3825b530490f4f98e3e36fab4f67b03c7

  • SSDEEP

    3072:u4+rkxEnGHr/sfQwF5iFz9C98kP+EuDWQuvAmJXBdncTBfdQva83YKO/yaa:HxEnGHr/sfQw4z9ED29WQuYmJRdncTBe

Score
10/10
bb061668752705qakbot

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668752705

C2

98.147.155.235:443

49.175.72.56:443

82.31.37.241:443

73.36.196.11:443

2.84.98.228:2222

188.54.79.88:995

184.153.132.82:443

74.66.134.24:443

172.117.139.142:995

12.172.173.82:990

24.64.114.59:3389

12.172.173.82:2087

78.92.133.215:443

24.64.114.59:2222

50.68.204.71:995

105.184.161.242:443

12.172.173.82:22

221.161.103.6:443

98.145.23.67:443

73.161.176.218:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 872-58-0x0000000000170000-0x000000000019A000-memory.dmp
    .dll windows x86


    Headers

    Sections