qakbot | 304-57-0x0000000010000000-0x00000000100FE000-memory[.]dmp

General

Target

304-57-0x0000000010000000-0x00000000100FE000-memory.dmp
Size

1016KB
MD5

c7594476b332307d1e56faa58b92e85d
SHA1

6e07b210e2630ec2bd8a0b6d145302713531d41f
SHA256

2f7bd714ae7488db7ceba3ab4d56bd5902a08cd25684aa5a0aa45891a2d5870d
SHA512

39ad3ce858a7eb1f4c88917a8002fa9d59ee4e2f206d681c3daa35be1b7a4b6a08814c72e41190c4ddd27e07293ad44305ad15f5591fa0215116dbedf9bedb14
SSDEEP

3072:TZC17cmKI3EH67NHwMUPyvcBw7qw59H2ZqJPP/uKIxTBfyYuiujZbbRG:qaa5HwByFqY9HHJGKIxTBqVjZbVG

Score

10^/10

tr 1635953596 qakbot

Malware Config

Extracted

Family

qakbot

Version

402.388

Botnet

tr

Campaign

1635953596

C2

190.73.3.148:2222

109.177.30.138:995

181.99.138.132:465

109.228.255.59:443

94.200.181.154:443

103.150.40.76:995

216.238.71.31:443

216.238.72.121:443

216.238.72.121:995

216.238.71.31:995

177.172.5.228:995

201.172.31.95:80

67.165.206.193:993

50.194.160.233:32100

92.59.35.196:2222

89.101.97.139:443

176.35.109.202:2222

140.82.49.12:443

109.133.93.127:995

71.13.93.154:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Signatures

Qakbot family
qakbot

Files

304-57-0x0000000010000000-0x00000000100FE000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB