Overview

overview

10

Static

static

10

1736-64-0x...ry.dll

windows7-x64

3

1736-64-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1736-64-0x00000000001F0000-0x000000000021A000-memory.dmp

  • Size

    168KB

  • MD5

    5d843e4930e7b4877505a27fb0d9505b

  • SHA1

    38788bbc88ec4eac03c1f7fb15dec16bc1b392db

  • SHA256

    7397ff10089cfa1797490fabbf688d4e04df0e262df5203612a4c40da3009a00

  • SHA512

    9267e4467d0dcd37c5957ded3b1baf8eaa97758e2a7b4ce6b408be50efbd9edebee79e4944516e9a1647bf168c80d93d304bf0630be1be221fd5cf46287211d2

  • SSDEEP

    3072:SqIxBlqMZn69MK34UXAeJvNtbzTBfdlOCsO/ya:Su46GK34UQeJVtbzTBVH3/

Score
10/10
bb111671561386qakbot

Malware Config

Extracted

Family

qakbot

Version

404.62

Botnet

BB11

Campaign

1671561386

C2

184.68.116.146:3389

92.189.214.236:2222

73.29.92.128:443

92.239.81.124:443

47.203.227.114:443

199.83.165.233:443

12.172.173.82:995

12.172.173.82:50001

136.244.25.165:443

37.15.128.31:2222

91.96.249.3:443

92.27.86.48:2222

75.156.125.215:995

93.147.134.85:443

86.176.246.195:2222

89.129.109.27:2222

70.55.120.16:2222

50.67.17.92:443

78.92.133.215:443

190.100.149.122:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1736-64-0x00000000001F0000-0x000000000021A000-memory.dmp
    .dll windows x86


    Headers

    Sections