General
-
Target
608-55-0x0000000010000000-0x0000000010024000-memory.dmp
-
Size
144KB
-
Sample
230505-sfr2dsdb3s
-
MD5
4bf2bd48c563bd86fa34ea30ba01d3df
-
SHA1
2d9bac3386725e1ddee03f95b3411cfcc29348dc
-
SHA256
1a99d1f081b81e89d5fbc23f2a2b03e8dc22ca1eb1a8d15c5e358832760cece2
-
SHA512
afb30c1fab729939fba9d4b1a149f89246ccab8f0c5d0b176546979f6c191f42bc042dd1742c629ed2350722cba8b9ae79f31c9eb7cad133829714290772cd3e
-
SSDEEP
3072:hg0KGh5Z8j3EzihlFsUA9QJb4VMHk8TBff5BQ:dKGJGEz+lOB2JEVMHk8TB3bQ
Behavioral task
behavioral1
Sample
608-55-0x0000000010000000-0x0000000010024000-memory.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
608-55-0x0000000010000000-0x0000000010024000-memory.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
qakbot
404.1035
obama261
1683268508
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
608-55-0x0000000010000000-0x0000000010024000-memory.dmp
Score
1/10