Overview

overview

10

Static

static

10

544-64-0x0...ry.dll

windows7-x64

3

544-64-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    544-64-0x0000000010000000-0x000000001002A000-memory.dmp

  • Size

    168KB

  • MD5

    5889d304e478dab80f53b699db5362ae

  • SHA1

    3a4c9d5072ad7ec22b411ccfbf5b3824c878fab0

  • SHA256

    01df499f793110337e9eac49fe73b91bb73d778be56dada6b186893d4c99235f

  • SHA512

    c5c8778054271f90ead4802a23260fb03eeac50b9c96383f34a8cffd941f83afc14e56b32f60d57dff06ebc52cf727a15ec50e1c16a7dbc20dfca3934d41a2c9

  • SSDEEP

    3072:ygikbXp3BvScvqzzxVvAAWJ6AzZHTBfZSEO/yaKv:1TdRXvqXxh1WJJzZHTBRSv/

Score
10/10
bb111671442875qakbot

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB11

Campaign

1671442875

C2

24.71.120.191:443

121.121.100.148:995

172.90.139.138:2222

70.55.120.16:2222

75.99.125.234:2222

172.248.42.122:443

37.14.229.220:2222

83.7.52.202:443

85.241.180.94:443

90.206.194.248:443

31.53.29.141:2222

72.80.7.6:50003

74.92.243.113:50000

90.48.151.17:2222

176.142.207.63:443

178.153.5.54:443

74.66.134.24:443

46.162.109.183:443

12.172.173.82:993

64.237.240.3:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 544-64-0x0000000010000000-0x000000001002A000-memory.dmp
    .dll windows x86


    Headers

    Sections