Overview

overview

10

Static

static

10

1616-54-0x...ry.dll

windows7-x64

1

1616-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1616-54-0x0000000000270000-0x0000000000293000-memory.dmp

  • Size

    140KB

  • MD5

    beb045b3b3cf8d415e612aafe12eeda2

  • SHA1

    7b0907fcf6b473342315af979e2ba5384d7aef36

  • SHA256

    bfa15a3fdea43a6e002d268739c7897b5deaf2136037b2c9180bfb45ff1b28f5

  • SHA512

    e9a2e9ba5d318f477629f459087668008c5f6b6af462a245230df40b855ef8b7f97c98b91c44c2eefb556f1ccd01c22b21b15c378fa1d929e9270faf791dff35

  • SSDEEP

    3072:LJ6qxgNa56UN+XKj7sViA9JR01SkTBfPPyQ:WULN+y7yn9JK1SkTBHaQ

Score
10/10
bb191678819948qakbot

Malware Config

Extracted

Family

qakbot

Version

404.263

Botnet

BB19

Campaign

1678819948

C2

86.45.66.141:2222

93.147.134.85:443

162.248.14.107:443

89.32.159.107:995

50.68.186.195:443

50.68.204.71:443

24.69.84.237:443

92.239.81.124:443

149.74.159.67:2222

176.202.46.81:443

2.82.8.80:443

72.203.216.98:2222

73.22.121.210:443

190.218.125.145:443

76.71.137.91:2222

81.158.112.20:2222

190.191.35.122:443

12.172.173.82:993

98.145.23.67:443

12.172.173.82:22
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Files

  • 1616-54-0x0000000000270000-0x0000000000293000-memory.dmp
    .dll windows x86


    Headers

    Sections