qakbot | 748-56-0x0000000000340000-0x0000000000369000-memory[.]dmp

General

Target

748-56-0x0000000000340000-0x0000000000369000-memory.dmp
Size

164KB
MD5

73375a5fd80a02a5ba9180edf043439f
SHA1

4fa6b2ad11ca946f49fb9f77e43765bcfb5efa07
SHA256

249a41b7007067ac4c072daccff94ab0489b0059e26668f23173c83a47de50e5
SHA512

47120f745564804e79fb1e11a90ce4069e3b9d1be3b461b57d5a32cd85ee18453bbcfb24d1db41bb3c7809560f122a971616794889fec2e8b45856b74e93bacf
SSDEEP

3072:10seQDHY8wzWtRkVPi9LCisAUJawrKwTBfZMrEQO/yaY/fT:P48wzWteV697pUJJrKwTBxMrEz/g/

Score

10^/10

obama218 1666870886 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.2

Botnet

obama218

Campaign

1666870886

C2

24.206.27.39:443

1.102.156.146:8707

187.1.1.118:44751

172.117.139.142:995

1.181.118.183:31745

45.35.97.45:443

187.0.1.27:28294

58.247.115.126:995

1.24.9.220:42753

187.1.1.186:48208

112.141.184.246:995

201.223.169.238:32100

68.62.199.70:443

45.49.137.80:443

187.0.1.172:28709

102.159.236.29:443

183.242.1.187:1

186.48.161.130:995

191.33.187.192:2222

154.181.228.27:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

748-56-0x0000000000340000-0x0000000000369000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 3KB