Overview

overview

10

Static

static

10

632-55-0x0...ry.dll

windows7-x64

1

632-55-0x0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    632-55-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • Sample

    240311-yrllmseh67

  • MD5

    8b5cbdaecf931f12b278d9a027dbbd97

  • SHA1

    6b7cd10c781042ed2e4c9bf4951aa4cac0c4a5cf

  • SHA256

    03615e5a368ed471aea01e42bc273bec632187c34e178855584e4cf1759575be

  • SHA512

    a71e72619174f655cf68f2fe74c283781f4466bac16ce15a637983c0027a15dc2ac68b3fb8172e5aa2c51627757502a549489434ed2d9cad0d502bbc5207c613

  • SSDEEP

    3072:1BQGpV0kS95ObbMv8mCOihAAfBqJZmtf7cTBfw8mERkFu:NS9kPyCVh1fBqJEtf7cTBI8lRkFu

Score
10/10
qakbotbb321686735623

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2

86.129.138.170:443

113.11.92.30:443

12.172.173.82:2087

72.205.104.134:443

84.213.236.225:995

92.186.69.229:2222

1.221.179.74:443

103.141.50.43:995

58.162.223.233:443

96.242.126.116:2222

92.154.17.149:2222

75.109.111.89:443

125.99.76.102:443

80.12.88.148:2222

109.149.147.195:2222

27.99.32.26:2222

70.28.50.223:3389

70.28.50.223:32100

86.97.96.62:2222

66.241.183.99:443

Targets

    • Target

      632-55-0x0000000010000000-0x0000000010024000-memory.dmp

    • Size

      144KB

    • MD5

      8b5cbdaecf931f12b278d9a027dbbd97

    • SHA1

      6b7cd10c781042ed2e4c9bf4951aa4cac0c4a5cf

    • SHA256

      03615e5a368ed471aea01e42bc273bec632187c34e178855584e4cf1759575be

    • SHA512

      a71e72619174f655cf68f2fe74c283781f4466bac16ce15a637983c0027a15dc2ac68b3fb8172e5aa2c51627757502a549489434ed2d9cad0d502bbc5207c613

    • SSDEEP

      3072:1BQGpV0kS95ObbMv8mCOihAAfBqJZmtf7cTBfw8mERkFu:NS9kPyCVh1fBqJEtf7cTBI8lRkFu

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks