Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

1532-57-0x...ry.dll

windows7-x64

3

1532-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1532-57-0x0000000000200000-0x000000000022A000-memory.dmp

  • Size

    168KB

  • Sample

    221216-f77vpsha4s

  • MD5

    1a05592e045af77cbd4a6fa0c0988ff1

  • SHA1

    a0266ecfe34f963de0f0ea3a59a855bd5cbaa30d

  • SHA256

    ac8ab1f5f43ae1e26abd74c7362c09a0677b41bb89f2623c22a9b1190751fdf9

  • SHA512

    0cfeb68b8c691badf9f9613a119e329afe4173b37a8115065d4c815cfe803ea87e0923f18ae6bdf3c17a7012969e94b33068f31167bb03dff036c791f817f0c3

  • SSDEEP

    3072:SgiSH5HRFVScyzTBxwAWJKwTZnTBfZyeO/yaAv:FdrVXyXBxFWJpTZnTBxyB/

Score
10/10
qakbotbb101671090444

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB10

Campaign

1671090444

C2

108.6.249.139:443

92.145.203.167:2222

24.206.27.39:443

178.152.25.80:443

87.57.13.215:443

75.143.236.149:443

49.245.119.12:2222

84.35.26.14:995

86.130.9.250:2222

12.172.173.82:995

147.148.234.231:2222

83.114.60.6:2222

213.67.255.57:2222

102.40.202.189:995

149.126.159.106:443

50.68.204.71:995

47.41.154.250:443

50.68.204.71:443

12.172.173.82:465

190.18.236.175:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1532-57-0x0000000000200000-0x000000000022A000-memory.dmp

    • Size

      168KB

    • MD5

      1a05592e045af77cbd4a6fa0c0988ff1

    • SHA1

      a0266ecfe34f963de0f0ea3a59a855bd5cbaa30d

    • SHA256

      ac8ab1f5f43ae1e26abd74c7362c09a0677b41bb89f2623c22a9b1190751fdf9

    • SHA512

      0cfeb68b8c691badf9f9613a119e329afe4173b37a8115065d4c815cfe803ea87e0923f18ae6bdf3c17a7012969e94b33068f31167bb03dff036c791f817f0c3

    • SSDEEP

      3072:SgiSH5HRFVScyzTBxwAWJKwTZnTBfZyeO/yaAv:FdrVXyXBxFWJpTZnTBxyB/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks