Overview

overview

10

Static

static

10

1948-3-0x0...ry.dll

windows7-x64

1

1948-3-0x0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1948-3-0x0000000000460000-0x0000000000482000-memory.dmp

  • Size

    136KB

  • Sample

    231128-lal5maha2v

  • MD5

    e32bc76075158fd38e172bb2a6d38021

  • SHA1

    85a150506fd7ea63cd1e98fc6ab5d8510702408f

  • SHA256

    a3ec680e123b5dbaed861dc43bf5a5da94d48730ccc3144519b310e2affb6484

  • SHA512

    83c8cedae2952df48c6e97d18fe72fa29f8e3c1e0a17361f87236c0dc9c10a3fc6fd1f8acd30c4d6f0178feeba123c1c5442a02e96147354731803c07ca951f9

  • SSDEEP

    3072:2rw7duvCaNgn3sg8CArJBnHuNTBf95AO:57duvtan3SHrJJHuNTBV5AO

Score
10/10
qakbotobama2071664363417

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

obama207

Campaign

1664363417

C2

217.165.146.158:993

41.97.179.58:443

86.132.13.49:2078

197.203.50.195:443

85.245.143.94:443

86.196.181.62:2222

102.190.190.242:995

105.184.133.198:995

179.111.23.186:32101

179.251.119.206:995

84.3.85.30:443

39.44.5.104:995

197.41.235.69:995

193.3.19.137:443

186.81.122.168:443

103.173.121.17:443

41.104.80.233:443

102.189.184.12:995

156.199.90.139:443

14.168.180.223:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1948-3-0x0000000000460000-0x0000000000482000-memory.dmp

    • Size

      136KB

    • MD5

      e32bc76075158fd38e172bb2a6d38021

    • SHA1

      85a150506fd7ea63cd1e98fc6ab5d8510702408f

    • SHA256

      a3ec680e123b5dbaed861dc43bf5a5da94d48730ccc3144519b310e2affb6484

    • SHA512

      83c8cedae2952df48c6e97d18fe72fa29f8e3c1e0a17361f87236c0dc9c10a3fc6fd1f8acd30c4d6f0178feeba123c1c5442a02e96147354731803c07ca951f9

    • SSDEEP

      3072:2rw7duvCaNgn3sg8CArJBnHuNTBf95AO:57duvtan3SHrJJHuNTBV5AO

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks