Overview

overview

10

Static

static

10

836-57-0x0...ry.dll

windows7-x64

3

836-57-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    836-57-0x0000000000310000-0x000000000033A000-memory.dmp

  • Size

    168KB

  • MD5

    a20d5f6dd3c91f4833e2af3cf9e16381

  • SHA1

    97341e648b5a883ef15fd9d2b42145fa298685cc

  • SHA256

    def6ec13bfd6ef8cf26723ff33e516ac45669a2c0e78f30f77dd5962bfce2dd8

  • SHA512

    df5d9b41201cb2f8a429fa4d2ed8b5ed89ea844746bae1f7705d396447aa7338b360aeb42f1a0847039ae0cd76fb6458df7efa287f585b7d6fb8e136ba2584c9

  • SSDEEP

    3072:4gai+iyy8I8azn3ag5AEJn91KXTBfJQDO/yaKv:RDVrz3agSEJ91KXTBBQy/

Score
10/10
bb111671442875qakbot

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB11

Campaign

1671442875

C2

24.71.120.191:443

121.121.100.148:995

172.90.139.138:2222

70.55.120.16:2222

75.99.125.234:2222

172.248.42.122:443

37.14.229.220:2222

83.7.52.202:443

85.241.180.94:443

90.206.194.248:443

31.53.29.141:2222

72.80.7.6:50003

74.92.243.113:50000

90.48.151.17:2222

176.142.207.63:443

178.153.5.54:443

74.66.134.24:443

46.162.109.183:443

12.172.173.82:993

64.237.240.3:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 836-57-0x0000000000310000-0x000000000033A000-memory.dmp
    .dll windows x86


    Headers

    Sections