qakbot | 1136-60-0x00000000000C0000-0x00000000000E2000-memory[.]dmp

General

Target

1136-60-0x00000000000C0000-0x00000000000E2000-memory.dmp
Size

136KB
MD5

c931e4bbb4dfc8a99ec3101abe682cde
SHA1

9417c26d0f627d31047eb83a974e49e7c2110f7b
SHA256

be0eb1599ab165ab429846b5d79069c7454e2ad90df535235bc5edd0440ebe28
SHA512

e035eebdde796e8515b4e8d42b059e2c28057cc13b3b523eb26f63dd6a0a40211c5906152c07044c95dd416b303bffdfc30d0b84df8a51782d6348ca8738ad1a
SSDEEP

1536:iTB1AMxbUkCmMwlx06t6Y+FTfySrckBAnkR0JQSBWkXIOdnToIfJF50ad7KZ/O:inA5Qr7060nFeSIcA/JjBr5VTBfJroU

Score

10^/10

bb 1664437404 qakbot

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1664437404

C2

113.180.55.111:443

58.186.75.42:443

105.184.56.118:995

196.206.133.114:995

80.253.189.55:443

193.3.19.137:443

41.104.80.233:443

49.205.197.13:443

186.81.122.168:443

216.238.83.82:443

216.238.83.82:995

39.44.5.104:995

196.207.146.151:443

216.238.108.61:995

139.84.167.18:995

139.84.167.18:443

216.238.108.61:443

149.28.38.16:995

134.35.12.30:443

131.100.40.13:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

1136-60-0x00000000000C0000-0x00000000000E2000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 484B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 484B

.reloc
Size: 3KB - Virtual size: 3KB