qakbot | 836-59-0x0000000001C00000-0x0000000001C80000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

836-59-0x0000000001C00000-0x0000000001C80000-memory.dmp
Size

512KB
MD5

1b964c2e9024dfccd49795ee11b5d14f
SHA1

40b7bb5eef90372e70a3c3e0eaef4c1b79aab19f
SHA256

1f7cedc8e515848598c511faf7f3675f3f71637af0124b444587bfe7e5836a43
SHA512

63e3102fdfd683f1eb6f58e029e76d3cb32b71231af44571f6d1e8b433b06f1bc625b9c18e2682982b2301e71f3b6d1d377d33553735d4c73a321dccbeec614c
SSDEEP

1536:aAPXv1TkZg1tXC3aQLFPiNeDb8CQf9BMS+dCLPBA5uvJtntBfKIOpnToIf:aAPgRPiNeLQ8S+ApA6JVt1YBTBf

Score

10^/10

qakbot

Malware Config

Signatures

Qakbot family
qakbot

Files

836-59-0x0000000001C00000-0x0000000001C80000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ