Overview

overview

10

Static

static

10

1920-55-0x...ry.dll

windows7-x64

1

1920-55-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1920-55-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • Sample

    240312-n73vragc8t

  • MD5

    a468377a96da4b446955c61c37726eeb

  • SHA1

    d2467859a691284bd700b25c7162e42b0cd3c911

  • SHA256

    4289e3595b6613c0d8432ce98cbf1a8368f09b728f3ff79935705657fd290350

  • SHA512

    098e1c8ff50dddaa12c6a47ed84641edbb46e201f5a2040ca6b7eb72902cb238ca339bd5272f45d42db575dbb642bf8f73a6edb0d61288cb7723c1929dee1ac2

  • SSDEEP

    3072:5ajYySWFPnCBAvkcCgIgAhtJ9mRfa8TBfwInbEwqX:WCBAv7CbVhtJgRfa8TBIIb9

Score
10/10
qakbotobama2691687245474

Malware Config

Extracted

Family

qakbot

Version

404.1382

Botnet

obama269

Campaign

1687245474

C2

91.160.70.68:32100

182.75.189.42:995

151.62.196.183:443

72.134.124.16:443

104.35.24.154:443

84.215.202.8:443

71.31.9.226:995

103.153.180.59:995

45.62.75.217:443

95.230.110.222:995

49.175.72.81:443

12.172.173.82:22

168.149.47.12:443

68.186.65.132:443

113.11.92.30:443

116.75.58.218:443

151.69.32.238:443

24.138.87.122:995

96.87.28.170:2222

147.147.30.126:2222

Targets

    • Target

      1920-55-0x0000000010000000-0x0000000010024000-memory.dmp

    • Size

      144KB

    • MD5

      a468377a96da4b446955c61c37726eeb

    • SHA1

      d2467859a691284bd700b25c7162e42b0cd3c911

    • SHA256

      4289e3595b6613c0d8432ce98cbf1a8368f09b728f3ff79935705657fd290350

    • SHA512

      098e1c8ff50dddaa12c6a47ed84641edbb46e201f5a2040ca6b7eb72902cb238ca339bd5272f45d42db575dbb642bf8f73a6edb0d61288cb7723c1929dee1ac2

    • SSDEEP

      3072:5ajYySWFPnCBAvkcCgIgAhtJ9mRfa8TBfwInbEwqX:WCBAv7CbVhtJgRfa8TBIIb9

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks