Overview

overview

10

Static

static

10

2012-57-0x...ry.dll

windows7-x64

3

2012-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2012-57-0x0000000002040000-0x000000000206A000-memory.dmp

  • Size

    168KB

  • Sample

    221216-cq7a3agg31

  • MD5

    6d731532dc8e55de4c59a6584d8b2dd8

  • SHA1

    72c1089f1ea58da01815fa87f2013862b944a947

  • SHA256

    d58f490a9a2e6ff540a77191b3dc771f5f5407040ed2c07db1ad945415f29d64

  • SHA512

    0e7cbccd1d5df16f3f074587b187886026a8c92685edd5b450fb82eddcaf1325d94f4fc46fec654e8bee8478d634cfe98a46fd17c36076a02e8f6367c76d1a02

  • SSDEEP

    3072:4gi/4ZXJDpi80XfLzCANdOJ6benWTTBfJWJO/ya3cv:6w5N30PLzHGJtnWTTBBWg/

Score
10/10
qakbotazd1670585125

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

azd

Campaign

1670585125

C2

172.90.139.138:2222

90.116.219.167:2222

173.239.94.212:443

91.169.12.198:32100

74.66.134.24:443

66.191.69.18:995

182.75.189.42:995

78.69.251.252:2222

98.145.23.67:443

103.71.21.107:443

197.94.219.133:443

91.68.227.219:443

12.172.173.82:993

86.176.83.127:2222

64.121.161.102:443

41.98.21.114:443

92.154.17.149:2222

151.65.67.211:443

89.129.109.27:2222

76.11.14.249:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      2012-57-0x0000000002040000-0x000000000206A000-memory.dmp

    • Size

      168KB

    • MD5

      6d731532dc8e55de4c59a6584d8b2dd8

    • SHA1

      72c1089f1ea58da01815fa87f2013862b944a947

    • SHA256

      d58f490a9a2e6ff540a77191b3dc771f5f5407040ed2c07db1ad945415f29d64

    • SHA512

      0e7cbccd1d5df16f3f074587b187886026a8c92685edd5b450fb82eddcaf1325d94f4fc46fec654e8bee8478d634cfe98a46fd17c36076a02e8f6367c76d1a02

    • SSDEEP

      3072:4gi/4ZXJDpi80XfLzCANdOJ6benWTTBfJWJO/ya3cv:6w5N30PLzHGJtnWTTBBWg/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks