Overview

overview

10

Static

static

10

1612-54-0x...ry.dll

windows7-x64

1

1612-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1612-54-0x0000000000490000-0x00000000004B3000-memory.dmp

  • Size

    140KB

  • MD5

    9e9dc11f5658a7930578ff9989f79c65

  • SHA1

    4ee0d78b5d2543585b34b9f2a68b482621e44086

  • SHA256

    4eae1335759a6f3a0bffc3fdf6c358cf5dce94e7f4e6ec2a2805944ade048d8b

  • SHA512

    7f59e320cd811a272cdf5688410779e45d6b47f284a93c02ef16654e8d966c7aaa8f1480f1ce2438d9e98f2feefa7c33985310f153e7933fa5fc1a56f6ade3f2

  • SSDEEP

    3072:P5NymOzRwpxUZBq2J4ZXAAJieZD44TBffa3Ensmm:DLpxoBhCQAJnZE4TBXaWsm

Score
10/10
bb181678346091qakbot

Malware Config

Extracted

Family

qakbot

Version

404.226

Botnet

BB18

Campaign

1678346091

C2

114.143.176.235:443

92.154.17.149:2222

2.14.45.117:2222

84.108.200.161:443

109.11.175.42:2222

88.126.94.4:50000

87.202.101.164:50000

50.68.204.71:995

49.245.82.178:2222

12.172.173.82:32101

190.11.198.76:443

79.67.165.149:995

115.87.227.49:443

84.215.202.22:443

118.250.110.98:995

66.131.25.6:443

80.1.152.201:443

198.2.51.242:993

151.48.158.236:443

50.68.204.71:993
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1612-54-0x0000000000490000-0x00000000004B3000-memory.dmp
    .dll windows x86


    Headers

    Sections