Overview

overview

10

Static

static

10

992-94-0x0...ry.dll

windows7-x64

3

992-94-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    992-94-0x00000000001E0000-0x000000000020A000-memory.dmp

  • Size

    168KB

  • Sample

    221208-bhm2sagf72

  • MD5

    636eb8f7f01dc41aa3a5068f7650b378

  • SHA1

    43813f29575b5bde2d2b188726f04f96f3215bd3

  • SHA256

    02900e6eb7511f87d7e8de75f13d63d01f772702f0f4b989b2161a0723e06892

  • SHA512

    0ea7675992be959d6c5fea95c529485d93d94dd4a11b23817fa888752f60dd875c01dc9e25674d7f2ddb487d2303423393fda152e4607fa11fc1105a999b64b1

  • SSDEEP

    3072:egcnehhT9XxeQQ7bP9BOAmJce3gLTBfNeSO/yaoICv:h7phnQXP9B7mJR3gLTBFet/g

Score
10/10
qakbotbb091670354428

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB09

Campaign

1670354428

C2

216.82.134.218:443

49.175.72.56:443

12.172.173.82:22

12.172.173.82:50001

190.24.45.24:995

103.144.201.62:2078

24.142.218.202:443

70.160.80.210:443

24.228.132.224:2222

117.186.222.30:993

173.18.126.3:443

75.99.125.235:2222

172.90.139.138:2222

136.232.184.134:995

123.3.240.16:995

76.100.159.250:443

66.191.69.18:995

181.118.183.44:443

31.167.254.199:995

183.82.100.110:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      992-94-0x00000000001E0000-0x000000000020A000-memory.dmp

    • Size

      168KB

    • MD5

      636eb8f7f01dc41aa3a5068f7650b378

    • SHA1

      43813f29575b5bde2d2b188726f04f96f3215bd3

    • SHA256

      02900e6eb7511f87d7e8de75f13d63d01f772702f0f4b989b2161a0723e06892

    • SHA512

      0ea7675992be959d6c5fea95c529485d93d94dd4a11b23817fa888752f60dd875c01dc9e25674d7f2ddb487d2303423393fda152e4607fa11fc1105a999b64b1

    • SSDEEP

      3072:egcnehhT9XxeQQ7bP9BOAmJce3gLTBfNeSO/yaoICv:h7phnQXP9B7mJR3gLTBFet/g

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks