Overview

overview

10

Static

static

10

1964-54-0x...ry.dll

windows7-x64

1

1964-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1964-54-0x0000000010000000-0x0000000010023000-memory.dmp

  • Size

    140KB

  • Sample

    240302-ymnkfahc93

  • MD5

    d398f3b545e225cfc8efc9da7fd1bca2

  • SHA1

    8aa3ad287d690c8bef11d44397c44ec7566b5e50

  • SHA256

    bd59b020db3068e59f3350f1b7c090755dad60f4ff5abc086346f94f4a788f76

  • SHA512

    034e7c3958f691160fb5c859ce585284b2f48ecf65652883ad54b06ad8218f56dc4fa78a2b9b3b2322c8cec763b07890ffcbb68d9211aa06d1b099ad7b7c2e35

  • SSDEEP

    3072:UjPR4nxKRttVbYKAk67CERzMRAPJyDnYMTBfPuq:UHRxbYK0CEMaPJynYMTBHN

Score
10/10
qakbotbb191678819882

Malware Config

Extracted

Family

qakbot

Version

404.263

Botnet

BB19

Campaign

1678819882

C2

162.248.14.107:443

89.32.159.107:995

50.68.186.195:443

50.68.204.71:443

24.69.84.237:443

92.239.81.124:443

149.74.159.67:2222

176.202.46.81:443

2.82.8.80:443

72.203.216.98:2222

73.22.121.210:443

190.218.125.145:443

76.71.137.91:2222

81.158.112.20:2222

190.191.35.122:443

12.172.173.82:993

98.145.23.67:443

12.172.173.82:22

37.186.55.60:2222

73.161.176.218:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1964-54-0x0000000010000000-0x0000000010023000-memory.dmp

    • Size

      140KB

    • MD5

      d398f3b545e225cfc8efc9da7fd1bca2

    • SHA1

      8aa3ad287d690c8bef11d44397c44ec7566b5e50

    • SHA256

      bd59b020db3068e59f3350f1b7c090755dad60f4ff5abc086346f94f4a788f76

    • SHA512

      034e7c3958f691160fb5c859ce585284b2f48ecf65652883ad54b06ad8218f56dc4fa78a2b9b3b2322c8cec763b07890ffcbb68d9211aa06d1b099ad7b7c2e35

    • SSDEEP

      3072:UjPR4nxKRttVbYKAk67CERzMRAPJyDnYMTBfPuq:UHRxbYK0CEMaPJynYMTBHN

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks