Overview

overview

10

Static

static

10

1448-54-0x...ry.dll

windows7-x64

1

1448-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1448-54-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • Sample

    240305-dn49csda6x

  • MD5

    989edcfc3d75290ec666030aaac7298d

  • SHA1

    011f73fd50c25fecc1b8c87f6c0e8ab17bd820db

  • SHA256

    c751e158be7e0a72c275cede577b7aab8ab8c8344883fc584fab9c37e9d8f5a5

  • SHA512

    448d241d073226ef45df489a60b8bbb884968a5a2f4c2bf49c02b8d63b85e40b55f49a4b3ff346fd51b7d657478ed33aebe80a96060cf6f9c198276991750578

  • SSDEEP

    3072:buUtexa1mQ4GH6MlnzXFAEJjsVVH2F8TBffGWpnL:b3teP/GaMlT2EJ4VVH2F8TB3

Score
10/10
qakbotbb231681291772

Malware Config

Extracted

Family

qakbot

Version

404.919

Botnet

BB23

Campaign

1681291772

C2

101.184.134.98:2222

23.30.22.225:993

104.35.24.154:443

85.2.185.70:2222

14.192.241.76:995

47.196.225.236:443

78.92.133.215:443

176.202.45.209:443

174.118.63.123:443

84.35.26.14:995

86.171.191.31:443

103.141.50.79:995

213.67.139.53:2222

172.115.17.50:443

198.2.51.242:993

69.133.162.35:443

58.162.223.233:443

91.169.12.198:32100

47.21.51.138:443

35.143.97.145:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1448-54-0x0000000010000000-0x0000000010024000-memory.dmp

    • Size

      144KB

    • MD5

      989edcfc3d75290ec666030aaac7298d

    • SHA1

      011f73fd50c25fecc1b8c87f6c0e8ab17bd820db

    • SHA256

      c751e158be7e0a72c275cede577b7aab8ab8c8344883fc584fab9c37e9d8f5a5

    • SHA512

      448d241d073226ef45df489a60b8bbb884968a5a2f4c2bf49c02b8d63b85e40b55f49a4b3ff346fd51b7d657478ed33aebe80a96060cf6f9c198276991750578

    • SSDEEP

      3072:buUtexa1mQ4GH6MlnzXFAEJjsVVH2F8TBffGWpnL:b3teP/GaMlT2EJ4VVH2F8TB3

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks