Overview

overview

10

Static

static

10

1608-98-0x...ry.dll

windows7-x64

3

1608-98-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1608-98-0x0000000000800000-0x000000000082A000-memory.dmp

  • Size

    168KB

  • Sample

    221210-p31ehafe76

  • MD5

    bf603019db408ce7b92bb0d960dc6961

  • SHA1

    49970d53c36715e4e7d8eec7fbb15f810a9454e6

  • SHA256

    70bc3c3bf5e491164f04755bc1e067d96e3faaff2e133d89924b058834c6a658

  • SHA512

    46543c47e33609a527a56e346b2ccab34b343e3fbcd8266f80d9f7b492378298eadb380c081240a53a5fcca056d8fb0fdf901dde94a4e02ef8712519749d30a1

  • SSDEEP

    3072:igiynZnx/ScDGzThiBEQAWJqQTenTBfZyJO/ya3cv:VdxXSXh2ElWJpTenTBxyg/

Score
10/10
qakbotazd1670585125

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

azd

Campaign

1670585125

C2

172.90.139.138:2222

90.116.219.167:2222

173.239.94.212:443

91.169.12.198:32100

74.66.134.24:443

66.191.69.18:995

182.75.189.42:995

78.69.251.252:2222

98.145.23.67:443

103.71.21.107:443

197.94.219.133:443

91.68.227.219:443

12.172.173.82:993

86.176.83.127:2222

64.121.161.102:443

41.98.21.114:443

92.154.17.149:2222

151.65.67.211:443

89.129.109.27:2222

76.11.14.249:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1608-98-0x0000000000800000-0x000000000082A000-memory.dmp

    • Size

      168KB

    • MD5

      bf603019db408ce7b92bb0d960dc6961

    • SHA1

      49970d53c36715e4e7d8eec7fbb15f810a9454e6

    • SHA256

      70bc3c3bf5e491164f04755bc1e067d96e3faaff2e133d89924b058834c6a658

    • SHA512

      46543c47e33609a527a56e346b2ccab34b343e3fbcd8266f80d9f7b492378298eadb380c081240a53a5fcca056d8fb0fdf901dde94a4e02ef8712519749d30a1

    • SSDEEP

      3072:igiynZnx/ScDGzThiBEQAWJqQTenTBfZyJO/ya3cv:VdxXSXh2ElWJpTenTBxyg/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks