Overview

overview

10

Static

static

10

1668-57-0x...ry.dll

windows7-x64

3

1668-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1668-57-0x00000000001D0000-0x00000000001FA000-memory.dmp

  • Size

    168KB

  • MD5

    482881d65a62dfd049351e08a3039fd0

  • SHA1

    84daa55d8f07a7535786ebdb8fd3dc9a87334fa4

  • SHA256

    0083c4e1703cfb4d776701eac4eb387d418e8db8febec74c19a0f1b29602b8ce

  • SHA512

    23c2c2421ffe95ff581996165dd088d6b6ee2125b4a5b124420c0ff8ba2f387b2daa89db58c168de04c310452505bdcb1f822a98888d914fa539e5b58bbbd192

  • SSDEEP

    3072:m42R1+j+XyOz+A2C+Q1AmJNbl/ATBfpyva832VO/ya:xj2/ajC+QGmJRl/ATBhR832E/

Score
10/10
bb071669024152qakbot

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB07

Campaign

1669024152

C2

69.119.123.159:2222

197.148.17.17:2078

174.104.184.149:443

12.172.173.82:995

91.68.227.219:443

85.241.180.94:443

83.7.53.150:443

213.22.188.57:2222

71.46.234.170:443

190.75.150.58:2222

86.98.15.100:995

89.115.196.99:443

83.31.254.67:2222

46.162.109.183:443

2.84.98.228:2222

78.69.251.252:2222

12.172.173.82:465

75.143.236.149:443

47.229.96.60:443

80.121.8.212:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1668-57-0x00000000001D0000-0x00000000001FA000-memory.dmp
    .dll windows x86


    Headers

    Sections