Overview

overview

10

Static

static

10

740-86-0x0...ry.exe

windows7-x64

740-86-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    740-86-0x0000000000400000-0x00000000006A6000-memory.dmp

  • Size

    2.6MB

  • Sample

    230726-mla26sbd7t

  • MD5

    e84cce54a6094ad469814612bf26b180

  • SHA1

    38bb8d80051277dcace334a0ce266ad4fa6710c3

  • SHA256

    f1a9b678c4ac60d5da6af25b0a4a0eab3f04d482c776e8a173b782bb31e15450

  • SHA512

    1de77eedd00975e28774aac6f1a56d12ff3c2ed12b94b7a6129df37edacfdc4d38e90ed1932536dbc08e25f48267328e2ba9f85d3ee4329476d0e6b69b9c0ac6

  • SSDEEP

    12288:G6KiviCyU2ZLHqpVxTp5WK1QAPPAV/Ykfgn6ggK:DKiviC1CT45xQwkfg93

Score
10/10
qakbotspx1431592482956

Malware Config

Extracted

Family

qakbot

Version

324.142

Botnet

spx143

Campaign

1592482956

C2

39.36.254.179:995

24.139.132.70:443

24.202.42.48:2222

72.204.242.138:443

172.242.156.50:995

72.204.242.138:20

68.174.15.223:443

74.193.197.246:443

96.56.237.174:990

64.19.74.29:995

70.168.130.172:443

189.236.166.167:443

68.4.137.211:443

76.187.8.160:443

76.86.57.179:2222

73.226.220.56:443

67.250.184.157:443

75.183.171.155:3389

173.172.205.216:443

173.3.132.17:995

Targets

    • Target

      740-86-0x0000000000400000-0x00000000006A6000-memory.dmp

    • Size

      2.6MB

    • MD5

      e84cce54a6094ad469814612bf26b180

    • SHA1

      38bb8d80051277dcace334a0ce266ad4fa6710c3

    • SHA256

      f1a9b678c4ac60d5da6af25b0a4a0eab3f04d482c776e8a173b782bb31e15450

    • SHA512

      1de77eedd00975e28774aac6f1a56d12ff3c2ed12b94b7a6129df37edacfdc4d38e90ed1932536dbc08e25f48267328e2ba9f85d3ee4329476d0e6b69b9c0ac6

    • SSDEEP

      12288:G6KiviCyU2ZLHqpVxTp5WK1QAPPAV/Ykfgn6ggK:DKiviC1CT45xQwkfg93

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks