Overview

overview

10

Static

static

10

1720-57-0x...ry.dll

windows7-x64

1

1720-57-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1720-57-0x0000000000360000-0x0000000000383000-memory.dmp

  • Size

    140KB

  • MD5

    d920ef6edbb523b2c05d87b04018954f

  • SHA1

    05489e3eb7328ed08c3830964fed75cebdea41cf

  • SHA256

    2733bc65745bf1373454db7f5c218d5bfae932314125654e9e1f5f0df0a105d4

  • SHA512

    eefac3bc0a20d193545a6a087900ce241a3ae84723cb060f2deef492c3389a148db751f39d859cf6df4858fea5226cc1c2ee96ac9da43f626b601511db6e3b19

  • SSDEEP

    3072:dlvbs6OWDNwxisp8SynFZfWOCASJ1QH8oTBffgoFQ:darWpK8jF1WOHSJ2H8oTB3goFQ

Score
10/10
obama2401676465313qakbot

Malware Config

Extracted

Family

qakbot

Version

404.510

Botnet

obama240

Campaign

1676465313

C2

87.221.197.113:2222

76.20.42.45:443

86.207.227.152:2222

109.11.175.42:2222

41.228.236.143:995

51.37.173.153:443

24.206.27.39:443

116.72.250.18:443

80.3.209.218:443

82.36.36.76:443

12.172.173.82:2087

176.142.207.63:443

66.35.126.223:2222

12.172.173.82:995

24.239.69.244:443

68.108.122.180:443

173.18.126.3:443

156.216.125.255:995

24.71.120.191:443

73.165.119.20:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1720-57-0x0000000000360000-0x0000000000383000-memory.dmp
    .dll windows x86


    Headers

    Sections