Overview

overview

10

Static

static

10

436-97-0x0...ry.dll

windows7-x64

3

436-97-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    436-97-0x0000000000190000-0x00000000001BA000-memory.dmp

  • Size

    168KB

  • Sample

    221209-mb79xsfg6y

  • MD5

    40e240b717c74a96abaf171f100543aa

  • SHA1

    bc55fb0f68ca46ccbd8ba08161b6bd8fc2855756

  • SHA256

    ac787fded0c32b4c2fdd93648e6e8c5619f1b1b705866ba8ae520bc032a679ad

  • SHA512

    d074847ed0b796869dec4d7c7d7b960a7bbf8a220b3d4c64008d42ddcf21f0b79fb4b03159510bfaff74d8e3209db9b7a3608fc45055b3a04c3e7737cc1b21c5

  • SSDEEP

    3072:ogKraqmkKEgc60s3HC6zBAkJfF1znTBfJAHO/yaoICv:BvkK1LLXCIqkJ91znTBBAu/g

Score
10/10
qakbotbb091670354428

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB09

Campaign

1670354428

C2

216.82.134.218:443

49.175.72.56:443

12.172.173.82:22

12.172.173.82:50001

190.24.45.24:995

103.144.201.62:2078

24.142.218.202:443

70.160.80.210:443

24.228.132.224:2222

117.186.222.30:993

173.18.126.3:443

75.99.125.235:2222

172.90.139.138:2222

136.232.184.134:995

123.3.240.16:995

76.100.159.250:443

66.191.69.18:995

181.118.183.44:443

31.167.254.199:995

183.82.100.110:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      436-97-0x0000000000190000-0x00000000001BA000-memory.dmp

    • Size

      168KB

    • MD5

      40e240b717c74a96abaf171f100543aa

    • SHA1

      bc55fb0f68ca46ccbd8ba08161b6bd8fc2855756

    • SHA256

      ac787fded0c32b4c2fdd93648e6e8c5619f1b1b705866ba8ae520bc032a679ad

    • SHA512

      d074847ed0b796869dec4d7c7d7b960a7bbf8a220b3d4c64008d42ddcf21f0b79fb4b03159510bfaff74d8e3209db9b7a3608fc45055b3a04c3e7737cc1b21c5

    • SSDEEP

      3072:ogKraqmkKEgc60s3HC6zBAkJfF1znTBfJAHO/yaoICv:BvkK1LLXCIqkJ91znTBBAu/g

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks