Overview

overview

10

Static

static

10

2040-55-0x...ry.dll

windows7-x64

1

2040-55-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2040-55-0x0000000000200000-0x0000000000224000-memory.dmp

  • Size

    144KB

  • Sample

    230616-p6157seg6x

  • MD5

    1f83c09617d03f53ce67f92e5dd561d6

  • SHA1

    7f67fac9e4b3e95fbeb9b2a7f7da838bf14acb6a

  • SHA256

    921d022f41c5d1e98ab24c901ed51ca409400834b5d678fb08561687b5be2e0a

  • SHA512

    05bc90fd770b4a7fb7c4c8e0b0cf6e7c6ef60325d5719f3eb166fdb7795f9d0d3d101ad410cd7df727535e0dc2fe830505a025fa545cc874856ccb39e6ebec96

  • SSDEEP

    3072:1hwW5VE0wkrovXSWNyhwAsohKJJG/F8TBfwsGEdpn:NwkKSW4hFPhKJA/F8TBIsFdpn

Score
10/10
qakbotbb321686908761

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686908761

C2

86.176.144.175:2222

86.248.228.57:2078

88.171.156.150:50000

183.87.163.165:443

45.201.208.87:443

74.12.147.205:2222

96.87.28.170:2222

70.28.50.223:32100

220.79.238.82:443

12.172.173.82:995

45.2.61.134:3389

70.160.67.203:443

103.141.50.45:995

88.126.94.4:50000

70.28.50.223:3389

142.181.206.222:2222

51.37.181.9:443

223.166.13.95:995

162.248.14.107:443

95.45.50.93:2222

Targets

    • Target

      2040-55-0x0000000000200000-0x0000000000224000-memory.dmp

    • Size

      144KB

    • MD5

      1f83c09617d03f53ce67f92e5dd561d6

    • SHA1

      7f67fac9e4b3e95fbeb9b2a7f7da838bf14acb6a

    • SHA256

      921d022f41c5d1e98ab24c901ed51ca409400834b5d678fb08561687b5be2e0a

    • SHA512

      05bc90fd770b4a7fb7c4c8e0b0cf6e7c6ef60325d5719f3eb166fdb7795f9d0d3d101ad410cd7df727535e0dc2fe830505a025fa545cc874856ccb39e6ebec96

    • SSDEEP

      3072:1hwW5VE0wkrovXSWNyhwAsohKJJG/F8TBfwsGEdpn:NwkKSW4hFPhKJA/F8TBIsFdpn

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks