Overview

overview

10

Static

static

10

2036-59-0x...ry.dll

windows7-x64

1

2036-59-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2036-59-0x0000000010000000-0x0000000010023000-memory.dmp

  • Size

    140KB

  • Sample

    230204-3eaqtsfa86

  • MD5

    13ee7523ea8225b6c454d3c73875f58c

  • SHA1

    684944b609684066cb964e4fb35623e24db4781f

  • SHA256

    5c59e800e3058532c7ba1656ab7181a11bbee6c756f01ed38a025247c24e1448

  • SHA512

    ea2e01edc27980f06f7b6c8e0099e35e4a733262984103cb0e79ac3b08922b58b382aeedcb12fa158ea099ada5ee86d1af35b918c0272f9229192bddf949ee46

  • SSDEEP

    3072:+ySCR7EjSC039FFClajmDUUAfJ9Un9HTBfP9GS9Xl:+QEjSC0NTCZDUBfJ6n9HTBH9GK

Score
10/10
qakbotbb121675243711

Malware Config

Extracted

Family

qakbot

Version

404.438

Botnet

BB12

Campaign

1675243711

C2

12.172.173.82:2087

95.94.41.77:2222

73.22.121.210:443

200.109.207.186:2222

75.143.236.149:443

69.133.162.35:443

197.148.17.17:2078

82.36.36.76:443

27.0.48.233:443

90.162.45.154:2222

125.20.112.94:443

150.107.231.59:2222

91.82.5.101:443

217.128.91.196:2222

73.161.176.218:443

50.60.157.175:995

190.199.188.186:2222

93.147.235.8:443

183.87.163.165:443

82.121.195.187:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      2036-59-0x0000000010000000-0x0000000010023000-memory.dmp

    • Size

      140KB

    • MD5

      13ee7523ea8225b6c454d3c73875f58c

    • SHA1

      684944b609684066cb964e4fb35623e24db4781f

    • SHA256

      5c59e800e3058532c7ba1656ab7181a11bbee6c756f01ed38a025247c24e1448

    • SHA512

      ea2e01edc27980f06f7b6c8e0099e35e4a733262984103cb0e79ac3b08922b58b382aeedcb12fa158ea099ada5ee86d1af35b918c0272f9229192bddf949ee46

    • SSDEEP

      3072:+ySCR7EjSC039FFClajmDUUAfJ9Un9HTBfP9GS9Xl:+QEjSC0NTCZDUBfJ6n9HTBH9GK

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks