Overview

overview

10

Static

static

10

1620-98-0x...ry.dll

windows7-x64

3

1620-98-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1620-98-0x0000000000260000-0x000000000028A000-memory.dmp

  • Size

    168KB

  • Sample

    221210-qcwt3afe92

  • MD5

    ec192e76a5c4b4b2c29016f3a8f27a43

  • SHA1

    437a4d21226474ec9940939bec8b07e0e2124548

  • SHA256

    be34f45b4625ba97803d28f8dbf95ea88f6642b174379d6e90d5c34b41473178

  • SHA512

    88053a0c3924ca3bea1e69e47619051a16ac40f3303a64f8f97fad2cc7ff86ce3f013af7306da6d58f70631c0a3d8cd51a671eac3fc460a4b819ea2d5727d7b4

  • SSDEEP

    3072:kgd08ZLF/Zew2xr73OUmAmJkG3NLTBft+JO/ya3cv:b5hn2xX3zDmJh3NLTBl+g/

Score
10/10
qakbotazd1670585125

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

azd

Campaign

1670585125

C2

172.90.139.138:2222

90.116.219.167:2222

173.239.94.212:443

91.169.12.198:32100

74.66.134.24:443

66.191.69.18:995

182.75.189.42:995

78.69.251.252:2222

98.145.23.67:443

103.71.21.107:443

197.94.219.133:443

91.68.227.219:443

12.172.173.82:993

86.176.83.127:2222

64.121.161.102:443

41.98.21.114:443

92.154.17.149:2222

151.65.67.211:443

89.129.109.27:2222

76.11.14.249:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1620-98-0x0000000000260000-0x000000000028A000-memory.dmp

    • Size

      168KB

    • MD5

      ec192e76a5c4b4b2c29016f3a8f27a43

    • SHA1

      437a4d21226474ec9940939bec8b07e0e2124548

    • SHA256

      be34f45b4625ba97803d28f8dbf95ea88f6642b174379d6e90d5c34b41473178

    • SHA512

      88053a0c3924ca3bea1e69e47619051a16ac40f3303a64f8f97fad2cc7ff86ce3f013af7306da6d58f70631c0a3d8cd51a671eac3fc460a4b819ea2d5727d7b4

    • SSDEEP

      3072:kgd08ZLF/Zew2xr73OUmAmJkG3NLTBft+JO/ya3cv:b5hn2xX3zDmJh3NLTBl+g/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks