Overview

overview

10

Static

static

10

820-57-0x0...ry.dll

windows7-x64

1

820-57-0x0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    820-57-0x0000000000440000-0x0000000000463000-memory.dmp

  • Size

    140KB

  • Sample

    230131-sdnaesaf7y

  • MD5

    1c1479fc34cd0643d9f92a86239128a7

  • SHA1

    42df908ca685fc4c6f4810fc74cdd3e93f98be86

  • SHA256

    a84e151c81ce0bdc83b746a9a4722e85bd7f000a3ff6e93003a28c14e01af247

  • SHA512

    36a240cf3f39521992021b45b1ee3f65b11017ddd0ccc4477032d5a2d45e0f9c2df27716e69b4720f9964df13cba5dfab4acd36b98c5623c36e1d086c9aef7cc

  • SSDEEP

    3072:ROCFfgTwC43xRxuE36oYA/JhI/Q3TBfvr6+:HgTV4hzuBo9/JK/Q3TBHr6

Score
10/10
qakbotbb121675161160

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675161160

C2

114.143.176.234:443

88.126.94.4:50000

103.252.7.228:443

87.10.205.117:443

82.15.58.109:2222

72.80.7.6:995

90.162.45.154:2222

47.34.30.133:443

50.68.204.71:993

112.141.184.246:995

73.165.119.20:443

91.169.12.198:32100

173.18.126.3:443

87.56.238.53:443

85.241.180.94:443

12.172.173.82:50001

92.154.17.149:2222

103.42.86.246:995

12.172.173.82:990

91.254.132.23:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      820-57-0x0000000000440000-0x0000000000463000-memory.dmp

    • Size

      140KB

    • MD5

      1c1479fc34cd0643d9f92a86239128a7

    • SHA1

      42df908ca685fc4c6f4810fc74cdd3e93f98be86

    • SHA256

      a84e151c81ce0bdc83b746a9a4722e85bd7f000a3ff6e93003a28c14e01af247

    • SHA512

      36a240cf3f39521992021b45b1ee3f65b11017ddd0ccc4477032d5a2d45e0f9c2df27716e69b4720f9964df13cba5dfab4acd36b98c5623c36e1d086c9aef7cc

    • SSDEEP

      3072:ROCFfgTwC43xRxuE36oYA/JhI/Q3TBfvr6+:HgTV4hzuBo9/JK/Q3TBHr6

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks