General

  • Target

    1120-55-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • MD5

    002dfffcbb73dafac227997ef66aed16

  • SHA1

    aadfe4f8c1bdb2672cad1f37a2498f948c420537

  • SHA256

    85008a9ef7ae87546f4d5ff341586a640cd579d009e8735afd7be3fa1d23f812

  • SHA512

    561378e3ab40f0373f21cec1e538cba5fcfdf84b310d88f3511b8fa2941b9ef9b16c7144a32406ac66d9ca9ee3cd640351417907aab97420de7f0ad3476f346f

  • SSDEEP

    3072:QHgHsJq6uUu9VrVHl8j+YAHJYTVBH88TBffMNkg:FkwUun5lC+9HJwVBH88TB3MNF

Score
10/10

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

BB28

Campaign

1684145503

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

  • Qakbot family
  • Unsigned PE

    Checks for missing Authenticode signature.

Files

  • 1120-55-0x0000000010000000-0x0000000010024000-memory.dmp
    .dll windows x86

