Overview

overview

10

Static

static

10

1672-97-0x...ry.dll

windows7-x64

3

1672-97-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1672-97-0x0000000000200000-0x000000000022A000-memory.dmp

  • Size

    168KB

  • Sample

    221205-v8detaed51

  • MD5

    0164b20f2cb331f01f3ecd5dca29d31e

  • SHA1

    693ac72f18ec24e6d3d8d772f851442ac6d25f7e

  • SHA256

    c886b998a42fed1b1e147be9791507c29317676f4a69a35e6e3a3207b3567e2f

  • SHA512

    68a22d4eb4965cdaec4b01f21981f01f2f75078965b9986a050acedf03578e7a097675d07308fb24297891d214194f575522c759f5b3e962d734a3b59ae816ed

  • SSDEEP

    3072:SgiSH5HRFVScyzTBxwAWJKwTxnTBfZykO/yaGv:FdrVXyXBxFWJpTxnTBxyP/

Score
10/10
qakbotbb091670238005

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB09

Campaign

1670238005

C2

76.100.159.250:443

66.191.69.18:995

186.64.67.9:443

50.90.249.161:443

109.150.179.158:2222

92.149.205.238:2222

86.165.15.180:2222

41.44.19.36:995

78.17.157.5:443

173.18.126.3:443

75.99.125.235:2222

172.90.139.138:2222

27.99.45.237:2222

91.68.227.219:443

12.172.173.82:993

103.144.201.62:2078

12.172.173.82:990

173.239.94.212:443

91.169.12.198:32100

24.64.114.59:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1672-97-0x0000000000200000-0x000000000022A000-memory.dmp

    • Size

      168KB

    • MD5

      0164b20f2cb331f01f3ecd5dca29d31e

    • SHA1

      693ac72f18ec24e6d3d8d772f851442ac6d25f7e

    • SHA256

      c886b998a42fed1b1e147be9791507c29317676f4a69a35e6e3a3207b3567e2f

    • SHA512

      68a22d4eb4965cdaec4b01f21981f01f2f75078965b9986a050acedf03578e7a097675d07308fb24297891d214194f575522c759f5b3e962d734a3b59ae816ed

    • SSDEEP

      3072:SgiSH5HRFVScyzTBxwAWJKwTxnTBfZykO/yaGv:FdrVXyXBxFWJpTxnTBxyP/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks