Overview

overview

10

Static

static

10

1368-57-0x...ry.dll

windows7-x64

3

1368-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1368-57-0x0000000000140000-0x000000000016A000-memory.dmp

  • Size

    168KB

  • Sample

    221121-rly68agf9v

  • MD5

    e4096cb8b1cde9f6c38bddfd1ac9e458

  • SHA1

    6f76d3bf5b50ed7f6ecea0ecb0fbc97814305389

  • SHA256

    0b15254ebd4356ad6a42642371f7c86c5ac64f655aca14e24ca5d3346e3ffa75

  • SHA512

    8d362d98260e298ed1e6056f94f49fb945fddf32a32dadc09ece40b68e52a65a2b92021bec0f492b13d716c1d5d0fe08dc039fa51726932a299406885c65f693

  • SSDEEP

    3072:U4em8H5CayLb3NAcjWN1oA4JYQxzr8oTBfZXva83R3O/ya:OCr/yiWN1t4JRr8oTBxi83Re/

Score
10/10
qakbotbb071669024152

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

BB07

Campaign

1669024152

C2

69.119.123.159:2222

197.148.17.17:2078

174.104.184.149:443

12.172.173.82:995

91.68.227.219:443

85.241.180.94:443

83.7.53.150:443

213.22.188.57:2222

71.46.234.170:443

190.75.150.58:2222

86.98.15.100:995

89.115.196.99:443

83.31.254.67:2222

46.162.109.183:443

2.84.98.228:2222

78.69.251.252:2222

12.172.173.82:465

75.143.236.149:443

47.229.96.60:443

80.121.8.212:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1368-57-0x0000000000140000-0x000000000016A000-memory.dmp

    • Size

      168KB

    • MD5

      e4096cb8b1cde9f6c38bddfd1ac9e458

    • SHA1

      6f76d3bf5b50ed7f6ecea0ecb0fbc97814305389

    • SHA256

      0b15254ebd4356ad6a42642371f7c86c5ac64f655aca14e24ca5d3346e3ffa75

    • SHA512

      8d362d98260e298ed1e6056f94f49fb945fddf32a32dadc09ece40b68e52a65a2b92021bec0f492b13d716c1d5d0fe08dc039fa51726932a299406885c65f693

    • SSDEEP

      3072:U4em8H5CayLb3NAcjWN1oA4JYQxzr8oTBfZXva83R3O/ya:OCr/yiWN1t4JRr8oTBxi83Re/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks