Overview

overview

10

Static

static

10

1744-55-0x...ry.dll

windows7-x64

1

1744-55-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1744-55-0x00000000001A0000-0x00000000001C4000-memory.dmp

  • Size

    144KB

  • Sample

    240305-gwzkmahb84

  • MD5

    2669cad0371eb6cbb30cf7f86d014860

  • SHA1

    1e4bc3a83e6af10278c4acf2dd2d0840aad8c1df

  • SHA256

    af89c96fe21fc9d13a05e7c1fb400ed511dd18e6a956f36547ea87ef506e81e4

  • SHA512

    1d784d2e3eb5afb4cf2164d2df50e03b21c62548c0848e6b99382b57a0b11b943699cb1b2babedc3c3db6b576d87a7c5179351f392134aaa9d687a80347fcdf8

  • SSDEEP

    3072:yna0+BXiKUAb+437jTAmLJ12/ekTBfPQWpnP:E+BShAq43vUaJY/ekTBH

Score
10/10
qakbotobama2521681377757

Malware Config

Extracted

Family

qakbot

Version

404.919

Botnet

obama252

Campaign

1681377757

C2

70.28.50.223:2083

64.121.161.102:443

95.60.243.84:995

70.28.50.223:1194

49.245.95.124:2222

184.153.132.82:443

67.219.197.94:443

174.4.89.3:443

70.28.50.223:3389

213.91.235.146:443

75.115.14.189:443

202.142.98.62:443

70.64.77.115:443

70.28.50.223:2087

103.123.223.141:443

50.68.204.71:993

81.229.117.95:2222

72.134.124.16:443

76.170.252.153:995

85.245.221.87:2078
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1744-55-0x00000000001A0000-0x00000000001C4000-memory.dmp

    • Size

      144KB

    • MD5

      2669cad0371eb6cbb30cf7f86d014860

    • SHA1

      1e4bc3a83e6af10278c4acf2dd2d0840aad8c1df

    • SHA256

      af89c96fe21fc9d13a05e7c1fb400ed511dd18e6a956f36547ea87ef506e81e4

    • SHA512

      1d784d2e3eb5afb4cf2164d2df50e03b21c62548c0848e6b99382b57a0b11b943699cb1b2babedc3c3db6b576d87a7c5179351f392134aaa9d687a80347fcdf8

    • SSDEEP

      3072:yna0+BXiKUAb+437jTAmLJ12/ekTBfPQWpnP:E+BShAq43vUaJY/ekTBH

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks