Overview

overview

10

Static

static

10

1148-57-0x...ry.dll

windows7-x64

3

1148-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1148-57-0x00000000001D0000-0x00000000001FA000-memory.dmp

  • Size

    168KB

  • MD5

    2faec524cf5565d8257341326398bc08

  • SHA1

    e5c8429b4966c9fb295fe379abe4ee225ffc319f

  • SHA256

    ce0acefe5b9586da40a6f913c4ae5f0abc7c2b8c18584bea76e8722d6dfb73f4

  • SHA512

    69d2c59ce6731edb6a052b5677d9ee667c58215afe2469ea4ba2ffac19b189e5276cb67143465ac077074f4e9d5f72af80a4d193f9627ff299bb8e6d7bc56322

  • SSDEEP

    3072:m42R1+j+XyOz+A2C+Q1AmJNblpATBfpyva832CO/yaHk:xj2/ajC+QGmJRlpATBhR832d/s

Score
10/10
bb061668670510qakbot

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB06

Campaign

1668670510

C2

86.225.214.138:2222

71.183.236.133:443

182.66.197.35:443

70.66.199.12:443

76.80.180.154:995

180.151.104.143:443

92.149.205.238:2222

83.110.223.247:443

183.87.31.34:443

105.103.50.1:990

103.141.50.117:995

105.103.50.1:465

105.103.50.1:22

86.130.9.167:2222

86.99.15.243:2222

90.104.22.28:2222

172.117.139.142:995

176.142.207.63:443

142.161.27.232:2222

71.247.10.63:50003
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1148-57-0x00000000001D0000-0x00000000001FA000-memory.dmp
    .dll windows x86


    Headers

    Sections