qakbot | 1628-60-0x0000000000250000-0x0000000000272000-memory[.]dmp

General

Target

1628-60-0x0000000000250000-0x0000000000272000-memory.dmp
Size

136KB
MD5

1f1ef385e88b030060a48b69c5d90605
SHA1

d98c5f08fbef99eff0e967f570d1abd0b253cad8
SHA256

e1b190e37e153532a8daf0acba9a50c2d53c56ed9251ca9cda8940b555b38ba3
SHA512

28b8ec5ffe91efc3f3be7c88f504f4b2531d39c77b86b169e86b80e06658ad08de5a893a0dfccba5123a03a525fba2fcd38f21e117199754162569cf0728f860
SSDEEP

1536:v6iewaEqCCOJsYuZSiySxmimZ5wBnBAW5KbJ9/r9fHIO8nToIfZYxCmt/+qHu:vEaJbiySMimZyBBAtJBr1pQTBfZXig

Score

10^/10

qakbot

Malware Config

Extracted

Family

qakbot

C2

70.238.223.142:65113

108.212.133.125:43749

91.204.181.165:28980

227.138.255.213:57594

252.124.102.160:59802

84.56.235.30:702

40.12.38.164:4225

163.55.16.87:6230

235.167.221.218:44172

113.34.86.36:44766

3.198.145.208:34010

194.217.45.198:36220

198.194.188.181:22851

149.133.92.184:61270

135.120.183.211:3151

45.206.222.245:43045

246.179.112.12:64397

88.106.24.76:30867

140.20.244.190:8098

218.91.78.249:2943

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

1628-60-0x0000000000250000-0x0000000000272000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 544B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 544B

.reloc
Size: 3KB - Virtual size: 3KB