Overview

overview

10

Static

static

10

1796-57-0x...ry.dll

windows7-x64

1

1796-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1796-57-0x0000000000720000-0x0000000000743000-memory.dmp

  • Size

    140KB

  • Sample

    230203-kyx2csde54

  • MD5

    0cd1c6716009533bed2d47ae0ae51d45

  • SHA1

    8a4d7ac33738ffcd4e3d34d75a28aa32afd6f17d

  • SHA256

    4345341f6c062c955f5d7dc811135bbe5a26685c773d521f081a19218e86aceb

  • SHA512

    a3e0107b2e304c221174c2758b3ed99cebbff2c1fffee000f795501386cc064330a03e3ff890c62bc643fe6b8d32231cee65ea9627fedce780f2f34e9ecc41cc

  • SSDEEP

    3072:38CrZ6LBimQTHPQ4ZRsQyAjJjARvMDTBf/1gA:j6LBimYvQZQXjJMRvMDTBX1g

Score
10/10
qakbotbb121675352134

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675352134

C2

213.67.255.57:2222

86.96.72.139:2222

119.82.122.226:443

86.96.34.182:2222

12.172.173.82:50001

107.146.12.26:2222

97.116.78.96:443

47.61.70.188:2078

197.148.17.17:2078

82.127.204.82:2222

82.121.195.187:2222

73.155.10.79:443

91.231.173.199:995

86.196.12.21:2222

90.78.51.182:2222

90.165.109.4:2222

202.186.177.88:443

92.27.86.48:2222

88.171.156.150:50000

78.130.215.67:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1796-57-0x0000000000720000-0x0000000000743000-memory.dmp

    • Size

      140KB

    • MD5

      0cd1c6716009533bed2d47ae0ae51d45

    • SHA1

      8a4d7ac33738ffcd4e3d34d75a28aa32afd6f17d

    • SHA256

      4345341f6c062c955f5d7dc811135bbe5a26685c773d521f081a19218e86aceb

    • SHA512

      a3e0107b2e304c221174c2758b3ed99cebbff2c1fffee000f795501386cc064330a03e3ff890c62bc643fe6b8d32231cee65ea9627fedce780f2f34e9ecc41cc

    • SSDEEP

      3072:38CrZ6LBimQTHPQ4ZRsQyAjJjARvMDTBf/1gA:j6LBimYvQZQXjJMRvMDTBX1g

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks