qakbot | 1888-58-0x0000000000280000-0x00000000002AA000-memory[.]dmp

General

Target

1888-58-0x0000000000280000-0x00000000002AA000-memory.dmp
Size

168KB
MD5

cfe73f35b9297caa6588a4a6c7476483
SHA1

7b3e25ae19c2622dc5a5cdb5906a31baeb024d5b
SHA256

cf21aed078615f5a41be211535b3e87d8a775ff2e38b4a3127d1dfe47454a696
SHA512

8d4193769703b5286f5545ced14403ef3cb56ba65a3ec041ea8d7470d5620b6aa1cfd7b9e112522cafa054683cf993fd6e25cf18821c158556a100fb149032ee
SSDEEP

3072:2/yw8VVeZNTEcA1RfpPRSoAeJRBDHMTBf5cg4iO/ya/X1:PzaudvfpPRSteJzDHMTBRc39/

Score

10^/10

bb05 1667208499 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

BB05

Campaign

1667208499

C2

174.77.209.5:443

187.0.1.74:23795

24.206.27.39:443

1.156.220.169:30723

156.216.39.119:995

58.186.75.42:443

1.156.197.160:30467

187.1.1.190:4844

186.18.210.16:443

1.181.56.171:771

90.165.109.4:2222

187.0.1.186:39742

87.57.13.215:443

187.0.1.207:52344

227.26.3.227:1

98.207.190.55:443

187.0.1.197:7017

188.49.56.189:443

102.156.160.115:443

187.0.1.24:17751

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

1888-58-0x0000000000280000-0x00000000002AA000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 3KB