Overview

overview

10

Static

static

10

636-100-0x...ry.dll

windows7-x64

3

636-100-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    636-100-0x0000000000390000-0x00000000003BA000-memory.dmp

  • Size

    168KB

  • MD5

    02a6b6b28a1b7aafa9bf8183dcb794de

  • SHA1

    046892655406ef46d1cee3a0e5e061c8b1e1a6b7

  • SHA256

    1363a9215e99e12c085a54ac4ed517f0299bd3aa0a2e7ae2477fcbca85cc5e0e

  • SHA512

    eb1746aa48b875482f35c697257e95b7b3bc080b58ce03b07f6c895fec55407599206e1e429e43d5aacb415d62a74423bd6648c0c73555074b77ab8fc914eea7

  • SSDEEP

    3072:ogKXbWLKKkAc6ea3HiohAkJ/l1lnTBfJATO/yaAv:BT1LrXioKkJ91lnTBBAC/

Score
10/10
bb101671090444qakbot

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB10

Campaign

1671090444

C2

108.6.249.139:443

92.145.203.167:2222

24.206.27.39:443

178.152.25.80:443

87.57.13.215:443

75.143.236.149:443

49.245.119.12:2222

84.35.26.14:995

86.130.9.250:2222

12.172.173.82:995

147.148.234.231:2222

83.114.60.6:2222

213.67.255.57:2222

102.40.202.189:995

149.126.159.106:443

50.68.204.71:995

47.41.154.250:443

50.68.204.71:443

12.172.173.82:465

190.18.236.175:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 636-100-0x0000000000390000-0x00000000003BA000-memory.dmp
    .dll windows x86


    Headers

    Sections