qakbot | 1496-57-0x0000000000320000-0x0000000000349000-memory[.]dmp

General

Target

1496-57-0x0000000000320000-0x0000000000349000-memory.dmp
Size

164KB
MD5

14d32969ef1f1d801ce8bddfe85db349
SHA1

a6fe9e80a3a42b06286a01c9eed471af6dadbe7b
SHA256

378cac27d92f3dc5c974627f70ac6a87ed944083903517783b899182f2dfd693
SHA512

2c7facb03878cb001b432637e89630c9a2b13abb1883a97fe27b22553a37230c477b4df993a2c140d291600ac430db08025b7ee64d96cb80f93e06ba6f535ef6
SSDEEP

3072:S43G+VCYzZYfvcznbzAdJsi3cwTBfFX/64gO/ya:SSVjtoczb0dJd3cwTB9X/PD/

Score

10^/10

obama213 1665998932 qakbot

Malware Config

Extracted

Family

qakbot

Version

403.973

Botnet

obama213

Campaign

1665998932

C2

70.173.248.13:443

219.71.108.177:443

206.1.189.186:443

14.246.151.175:443

102.159.77.134:995

200.233.108.153:993

134.35.3.85:443

190.199.186.117:2222

200.155.61.245:995

103.156.237.71:443

176.44.119.153:443

181.56.171.3:995

151.251.50.117:443

163.182.177.80:443

104.202.220.123:443

41.101.92.195:443

190.193.180.228:443

190.204.112.207:2222

41.97.56.102:443

41.69.209.76:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

1496-57-0x0000000000320000-0x0000000000349000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 3KB