qakbot | 1720-58-0x0000000000240000-0x0000000000262000-memory[.]dmp

General

Target

1720-58-0x0000000000240000-0x0000000000262000-memory.dmp
Size

136KB
MD5

0d7aee5fb788c2dd728587a69ff6130c
SHA1

e832cbb1716fbf13a2191ab2dae963cdbf49e647
SHA256

3d724fab7b46600861619f573dee67670bc1014da9be043ab9030cff9df9521e
SHA512

b5fa78b841052ee64f851861385cb2afe129b21ac6c297dcbbf823c64fbbcba7a25e9e41a66442ccaa8ae9ebfbcc6d30294f27567f835d04df7c5333fa0b844c
SSDEEP

1536:KN9wyL0q3Cm5JsqFKIudLHa678cBA0ZcJQ6puspIONnToIfJNp0ad76s/O:KnwBqBXsqsHdW6oUAfJbpLDFTBfJToH

Score

10^/10

bb 1664437404 qakbot

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1664437404

C2

113.180.55.111:443

58.186.75.42:443

105.184.56.118:995

196.206.133.114:995

80.253.189.55:443

193.3.19.137:443

41.104.80.233:443

49.205.197.13:443

186.81.122.168:443

216.238.83.82:443

216.238.83.82:995

39.44.5.104:995

196.207.146.151:443

216.238.108.61:995

139.84.167.18:995

139.84.167.18:443

216.238.108.61:443

149.28.38.16:995

134.35.12.30:443

131.100.40.13:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

1720-58-0x0000000000240000-0x0000000000262000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 484B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 484B

.reloc
Size: 3KB - Virtual size: 3KB