Overview

overview

10

Static

static

10

1336-98-0x...ry.dll

windows7-x64

1

1336-98-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1336-98-0x0000000000300000-0x000000000032A000-memory.dmp

  • Size

    168KB

  • Sample

    221210-t8rrrsad9w

  • MD5

    1ba70fd21bbbfd89f6647d02761839b3

  • SHA1

    3201609b7ff8f2520c940f11226e46ffa48fd796

  • SHA256

    ccfe0b213db5d301230a49d4d665b33335f4a6aad43ce1a8287c177ddb26de4d

  • SHA512

    babb545950dadec0b159cd6401e4e21a063c294d0cb72be25a75b0130c08206f4fe8bd09702348a0c83ca3726597b00bbfcc7f701e40d959ef58447e32ea73f2

  • SSDEEP

    3072:ygCCXJXBpdycCzzxhgA2J6AT9nTBf5SJO/ya3cv:ldTd3CXxhV2JJT9nTBRSg/

Score
10/10
qakbotazd1670585125

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

azd

Campaign

1670585125

C2

172.90.139.138:2222

90.116.219.167:2222

173.239.94.212:443

91.169.12.198:32100

74.66.134.24:443

66.191.69.18:995

182.75.189.42:995

78.69.251.252:2222

98.145.23.67:443

103.71.21.107:443

197.94.219.133:443

91.68.227.219:443

12.172.173.82:993

86.176.83.127:2222

64.121.161.102:443

41.98.21.114:443

92.154.17.149:2222

151.65.67.211:443

89.129.109.27:2222

76.11.14.249:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1336-98-0x0000000000300000-0x000000000032A000-memory.dmp

    • Size

      168KB

    • MD5

      1ba70fd21bbbfd89f6647d02761839b3

    • SHA1

      3201609b7ff8f2520c940f11226e46ffa48fd796

    • SHA256

      ccfe0b213db5d301230a49d4d665b33335f4a6aad43ce1a8287c177ddb26de4d

    • SHA512

      babb545950dadec0b159cd6401e4e21a063c294d0cb72be25a75b0130c08206f4fe8bd09702348a0c83ca3726597b00bbfcc7f701e40d959ef58447e32ea73f2

    • SSDEEP

      3072:ygCCXJXBpdycCzzxhgA2J6AT9nTBf5SJO/ya3cv:ldTd3CXxhV2JJT9nTBRSg/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks