Overview

overview

10

Static

static

10

940-57-0x0...ry.dll

windows7-x64

1

940-57-0x0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    940-57-0x0000000000240000-0x0000000000263000-memory.dmp

  • Size

    140KB

  • MD5

    ac58ec314315518f9ccc332ffab928ea

  • SHA1

    e1919fdffca7d8878e22bbf3ae396d8c69f6ee4b

  • SHA256

    f6112c9dedbb766034bf2cc3f75702c4c899f7ee4fef6597e8d1866dac02e87e

  • SHA512

    6c8dad2b5b12c5f3d78a19539ead22780fd8a1cd1a428d4a94c92ec667f53919c49b155c1064b41d9bae859fd7e348cb8351d256f511028144517e364d14ffe9

  • SSDEEP

    3072:9fxbTyyX5HLmOxNDFp/s1FAmJ3y/ShETBfvyozQ:9MyJrmO/F9s12mJi/cETBHyozQ

Score
10/10
obama2401676465313qakbot

Malware Config

Extracted

Family

qakbot

Version

404.510

Botnet

obama240

Campaign

1676465313

C2

87.221.197.113:2222

76.20.42.45:443

86.207.227.152:2222

109.11.175.42:2222

41.228.236.143:995

51.37.173.153:443

24.206.27.39:443

116.72.250.18:443

80.3.209.218:443

82.36.36.76:443

12.172.173.82:2087

176.142.207.63:443

66.35.126.223:2222

12.172.173.82:995

24.239.69.244:443

68.108.122.180:443

173.18.126.3:443

156.216.125.255:995

24.71.120.191:443

73.165.119.20:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 940-57-0x0000000000240000-0x0000000000263000-memory.dmp
    .dll windows x86


    Headers

    Sections