General

  • Target

    1964-67-0x0000000000380000-0x00000000003AA000-memory.dmp

  • Size

    168KB

  • MD5

    53af510c1b2e3c7e5673b0ed49e831ee

  • SHA1

    fc56ec1a9ab899312b142a6daa32ed32e6136706

  • SHA256

    2b3435d9d37dbbc4857568942a4904c76cf3c74f1413b3b09bab9dd4e7e5c717

  • SHA512

    22324a94415766264cdfc01b4b9ae94779781bcb329688623a717c57ce59fd0081dbf6af24fe9d105f3aa7f6955d331bf29254e1bc20a73433ace250aa0c1587

  • SSDEEP

    3072:54yINxn9VWR2ZN0weXKLZNZ0AMJUWxbfpbTBfZKOroO/ya:5arW+WdKLZNZhMJDxbfpbTBxZr/

Score
10/10

Malware Config

Extracted

Family

qakbot

Version

404.62

Botnet

BB11

Campaign

1671561386

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1964-67-0x0000000000380000-0x00000000003AA000-memory.dmp
    .dll windows x86

