Overview

overview

10

Static

static

10

4584-145-0...ry.dll

windows7-x64

1

4584-145-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4584-145-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • Sample

    230623-vy4t1sga76

  • MD5

    9efd36211e680d29a410310f3f0bfa96

  • SHA1

    c55ce8a06fc8f8b0eccbb7595e4ad00cdd147546

  • SHA256

    d9e3099afc45537f2eb7f45cf4fa1dfb46f9c305490ba63f0d8bd324497bc84f

  • SHA512

    73a27e960cfee09f1f44694e7bae84c8cac1898f0f3f73abe2035ddcb80848fcdc55b952f668604234cd35159d317d8d6257cc52f5b722c967648aaaa2c1f38f

  • SSDEEP

    3072:VnPYcZtZHhf+pE90L6+j5zZCb+dJAC8nJxmefYcTBfwFy1bWeMhM:5Vh2pE90L6mzZCSdCdnJsefYcTBIFwCK

Score
10/10
qakbotobama2711687438904

Malware Config

Extracted

Family

qakbot

Version

404.1405

Botnet

obama271

Campaign

1687438904

C2

70.28.50.223:2083

103.141.50.79:995

184.182.66.109:443

122.184.143.82:443

91.254.145.252:443

37.14.229.220:2222

64.229.117.208:2222

77.126.99.230:443

87.252.106.235:995

12.172.173.82:32101

95.230.110.222:995

88.169.33.180:2222

70.28.50.223:1194

72.80.94.230:443

191.191.1.254:995

209.171.160.69:995

45.62.67.129:443

24.234.80.122:995

81.150.169.174:2222

121.121.100.202:995

Targets

    • Target

      4584-145-0x0000000010000000-0x0000000010024000-memory.dmp

    • Size

      144KB

    • MD5

      9efd36211e680d29a410310f3f0bfa96

    • SHA1

      c55ce8a06fc8f8b0eccbb7595e4ad00cdd147546

    • SHA256

      d9e3099afc45537f2eb7f45cf4fa1dfb46f9c305490ba63f0d8bd324497bc84f

    • SHA512

      73a27e960cfee09f1f44694e7bae84c8cac1898f0f3f73abe2035ddcb80848fcdc55b952f668604234cd35159d317d8d6257cc52f5b722c967648aaaa2c1f38f

    • SSDEEP

      3072:VnPYcZtZHhf+pE90L6+j5zZCb+dJAC8nJxmefYcTBfwFy1bWeMhM:5Vh2pE90L6mzZCSdCdnJsefYcTBIFwCK

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks