General

  • Target

    1080-55-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • MD5

    79633888f96ba54e326a7eba9a37e967

  • SHA1

    ce2348797a912df835fc6884026d54f33610ab6a

  • SHA256

    6bb0e830ae520725446e508e9c9b0bdb864e054808a9d2ba5a20ce515c1cb41b

  • SHA512

    bb0111d22f20a98a619cafdd2c1ffef9388ebce247dfbbf6e9aad29594da00640af9606e6a1b7f12ab241e2246dc9a4699c56617f9afe4ae2b0ac7fef6845268

  • SSDEEP

    3072:QHgHsJq6uUu9VrVHl8j+YAHJYTVBH+8TBffMNMg:FkwUun5lC+9HJwVBH+8TB3MNN

Score
10/10

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

BB28

Campaign

1684249586

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

  • Qakbot family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1080-55-0x0000000010000000-0x0000000010024000-memory.dmp
    .dll windows x86

