Overview

overview

10

Static

static

10

1732-59-0x...ry.dll

windows7-x64

3

1732-59-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1732-59-0x0000000000200000-0x000000000022A000-memory.dmp

  • Size

    168KB

  • Sample

    221121-vyjtvaed9v

  • MD5

    98a1f63312d7043645076f0b128a2b5f

  • SHA1

    c8d5764154c4f0763a80edc7b0396ab5624e4b05

  • SHA256

    8759661c959c532697ca7636e32f60cb728b47fa226ef901407af155cb6862da

  • SHA512

    2fe51284e55165229ba05e6c92b765e48b18571936c5c906301447afe3f5ff63086b99c2c02ee33095ecb271223363e03cf5aa2102bab550f763f122730f049e

  • SSDEEP

    3072:U4GyYt2aOPogV48XOBhkAAJ0yTlATBfZzva83VfO/ya:C2XAgC+OBhxAJZTlATBxe83Vm/

Score
10/10
qakbotobama2231668757345

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

obama223

Campaign

1668757345

C2

68.47.128.161:443

87.65.160.87:995

172.90.139.138:2222

86.175.128.143:443

12.172.173.82:465

71.247.10.63:2083

47.41.154.250:443

91.254.215.167:443

71.31.101.183:443

81.229.117.95:2222

24.4.239.157:443

41.99.177.175:443

92.149.205.238:2222

73.230.28.7:443

47.229.96.60:443

186.188.2.193:443

174.112.25.29:2078

84.35.26.14:995

86.130.9.167:2222

116.74.163.221:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1732-59-0x0000000000200000-0x000000000022A000-memory.dmp

    • Size

      168KB

    • MD5

      98a1f63312d7043645076f0b128a2b5f

    • SHA1

      c8d5764154c4f0763a80edc7b0396ab5624e4b05

    • SHA256

      8759661c959c532697ca7636e32f60cb728b47fa226ef901407af155cb6862da

    • SHA512

      2fe51284e55165229ba05e6c92b765e48b18571936c5c906301447afe3f5ff63086b99c2c02ee33095ecb271223363e03cf5aa2102bab550f763f122730f049e

    • SSDEEP

      3072:U4GyYt2aOPogV48XOBhkAAJ0yTlATBfZzva83VfO/ya:C2XAgC+OBhxAJZTlATBxe83Vm/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks