Overview

overview

10

Static

static

10

1484-54-0x...ry.dll

windows7-x64

1

1484-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1484-54-0x0000000010000000-0x000000001005F000-memory.dmp

  • Size

    380KB

  • Sample

    230330-njzhescd79

  • MD5

    bc6f5bc13ee2b19bf329dfeb05d75377

  • SHA1

    ef9a6af25a10a83e4ac808e49ac19002f023995b

  • SHA256

    d4c551dafe068bf1589ce830fdcac4a77a6d8019704a368c0f586e4d47b748db

  • SHA512

    eb847e3f0795bb14145ec42d1eeb2498df28ba9afe47d4528b1944a9eca93e0dc6c240c965cfde2c0769fefdbd1f140b7d5b0f3aa789a0cb4c507661d1f363e7

  • SSDEEP

    6144:cjAWFXKZwzXpsr4eeHBBPtVYWheeQJGVi+UTB8VphA2:cvFXYwzXmr4NBBPtfhevJWi+UTyjh

Score
10/10
qakbotbb211680106938

Malware Config

Extracted

Family

qakbot

Version

404.843

Botnet

BB21

Campaign

1680106938

C2

94.30.31.47:50000

72.88.245.71:443

136.35.241.159:443

74.92.243.115:50000

47.196.225.236:443

71.46.234.171:443

50.68.204.71:443

78.130.215.67:443

46.64.171.68:443

92.186.69.229:2222

68.173.170.110:8443

75.90.87.37:995

94.30.98.134:32100

24.236.90.196:2078

162.248.14.107:443

72.203.216.98:2222

67.219.197.94:443

78.69.251.252:2222

50.68.204.71:993

174.4.89.3:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1484-54-0x0000000010000000-0x000000001005F000-memory.dmp

    • Size

      380KB

    • MD5

      bc6f5bc13ee2b19bf329dfeb05d75377

    • SHA1

      ef9a6af25a10a83e4ac808e49ac19002f023995b

    • SHA256

      d4c551dafe068bf1589ce830fdcac4a77a6d8019704a368c0f586e4d47b748db

    • SHA512

      eb847e3f0795bb14145ec42d1eeb2498df28ba9afe47d4528b1944a9eca93e0dc6c240c965cfde2c0769fefdbd1f140b7d5b0f3aa789a0cb4c507661d1f363e7

    • SSDEEP

      6144:cjAWFXKZwzXpsr4eeHBBPtVYWheeQJGVi+UTB8VphA2:cvFXYwzXmr4NBBPtfhevJWi+UTyjh

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks