Overview

overview

10

Static

static

10

1712-55-0x...ry.dll

windows7-x64

1

1712-55-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1712-55-0x0000000000880000-0x00000000008A3000-memory.dmp

  • Size

    140KB

  • Sample

    240302-qxtkfadh41

  • MD5

    f3bf61366414ec48602682515bee7366

  • SHA1

    aea7e500a3bdf3f29a98a83ac1309f0f8ced2a50

  • SHA256

    a11a5f89aaca1189d9566dcb68b0052cb0da892769e2e71f5d4a8e558b9f582e

  • SHA512

    80b876f205b3ffd17ce82eb45ac7df7040dec76318e7c8fd9b3326cf3650059bd83264bf921a4c748ebc1308433d3baa2f39457b62c80ad2aea10f43b7dd0ba0

  • SSDEEP

    3072:8P9TnzYqMf5ndgq891iAmJjVRCA3stwTBffnXEns3pm:mi5uqcnmJZRCA3awTB3n2sZ

Score
10/10
qakbotbb181678346091

Malware Config

Extracted

Family

qakbot

Version

404.226

Botnet

BB18

Campaign

1678346091

C2

114.143.176.235:443

92.154.17.149:2222

2.14.45.117:2222

84.108.200.161:443

109.11.175.42:2222

88.126.94.4:50000

87.202.101.164:50000

50.68.204.71:995

49.245.82.178:2222

12.172.173.82:32101

190.11.198.76:443

79.67.165.149:995

115.87.227.49:443

84.215.202.22:443

118.250.110.98:995

66.131.25.6:443

80.1.152.201:443

198.2.51.242:993

151.48.158.236:443

50.68.204.71:993
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1712-55-0x0000000000880000-0x00000000008A3000-memory.dmp

    • Size

      140KB

    • MD5

      f3bf61366414ec48602682515bee7366

    • SHA1

      aea7e500a3bdf3f29a98a83ac1309f0f8ced2a50

    • SHA256

      a11a5f89aaca1189d9566dcb68b0052cb0da892769e2e71f5d4a8e558b9f582e

    • SHA512

      80b876f205b3ffd17ce82eb45ac7df7040dec76318e7c8fd9b3326cf3650059bd83264bf921a4c748ebc1308433d3baa2f39457b62c80ad2aea10f43b7dd0ba0

    • SSDEEP

      3072:8P9TnzYqMf5ndgq891iAmJjVRCA3stwTBffnXEns3pm:mi5uqcnmJZRCA3awTB3n2sZ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks