Overview

overview

10

Static

static

10

1132-55-0x...ry.dll

windows7-x64

1

1132-55-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1132-55-0x00000000007C0000-0x00000000007E3000-memory.dmp

  • Size

    140KB

  • Sample

    240302-rsnn3aee49

  • MD5

    59dcd50342667987f8a4db807c7a6332

  • SHA1

    4b64ac95baa609dbf217f4fe4e70c315fdafb1dd

  • SHA256

    0a9481a414ad1d925c6451b1fbd71e392913d29bf67c76c738385c6f070c3e69

  • SHA512

    274fb038ade388983835a8517ec0eb53c04774c1fd86b48693cadfadb29bc8b11951d5a0cd00aba5b5c7db078c0d4edb64f697c94b8b9cdcc3d9391bbc82210e

  • SSDEEP

    3072:w/RvTz06+hBObWcRJOAmJ3L/jYTBffLnEnsFm:C+hGWc7mJb/jYTB3LGsF

Score
10/10
qakbotbb181678346091

Malware Config

Extracted

Family

qakbot

Version

404.226

Botnet

BB18

Campaign

1678346091

C2

114.143.176.235:443

92.154.17.149:2222

2.14.45.117:2222

84.108.200.161:443

109.11.175.42:2222

88.126.94.4:50000

87.202.101.164:50000

50.68.204.71:995

49.245.82.178:2222

12.172.173.82:32101

190.11.198.76:443

79.67.165.149:995

115.87.227.49:443

84.215.202.22:443

118.250.110.98:995

66.131.25.6:443

80.1.152.201:443

198.2.51.242:993

151.48.158.236:443

50.68.204.71:993
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1132-55-0x00000000007C0000-0x00000000007E3000-memory.dmp

    • Size

      140KB

    • MD5

      59dcd50342667987f8a4db807c7a6332

    • SHA1

      4b64ac95baa609dbf217f4fe4e70c315fdafb1dd

    • SHA256

      0a9481a414ad1d925c6451b1fbd71e392913d29bf67c76c738385c6f070c3e69

    • SHA512

      274fb038ade388983835a8517ec0eb53c04774c1fd86b48693cadfadb29bc8b11951d5a0cd00aba5b5c7db078c0d4edb64f697c94b8b9cdcc3d9391bbc82210e

    • SSDEEP

      3072:w/RvTz06+hBObWcRJOAmJ3L/jYTBffLnEnsFm:C+hGWc7mJb/jYTB3LGsF

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks