General
-
Target
1116-57-0x0000000000300000-0x0000000000329000-memory.dmp
-
Size
164KB
-
MD5
6c361e93db04f2da69ba796ff4a0626d
-
SHA1
140b543d965aee17df1d614031ee997f2d98596b
-
SHA256
f9bda9e1a0e17efb927cfea5eeee92be33e0053b0a60eaa63e1617accadd651d
-
SHA512
af9d473b1e294880bec1e816f0e7736a8b5dc15a90d28e8869e60657c3017b349b0235480880e9656aa11846700337d360d181755879131d635d8353b299e976
-
SSDEEP
3072:zcLUd5RV86uoZPHZA5Jq8TtwTBfpp/6YgO/ya:Igd5rruoZvy5J5TtwTBBp/PD/
Malware Config
Extracted
qakbot
403.973
obama213
1665998932
70.173.248.13:443
219.71.108.177:443
206.1.189.186:443
14.246.151.175:443
102.159.77.134:995
200.233.108.153:993
134.35.3.85:443
190.199.186.117:2222
200.155.61.245:995
103.156.237.71:443
176.44.119.153:443
181.56.171.3:995
151.251.50.117:443
163.182.177.80:443
104.202.220.123:443
41.101.92.195:443
190.193.180.228:443
190.204.112.207:2222
41.97.56.102:443
41.69.209.76:443
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Signatures
-
Qakbot family
Files
-
1116-57-0x0000000000300000-0x0000000000329000-memory.dmp
Headers
Sections