qakbot | 3220-137-0x0000000010000000-0x0000000010023000-memory[.]dmp

General

Target

3220-137-0x0000000010000000-0x0000000010023000-memory.dmp
Size

140KB
MD5

c5ac9f7eedbdf6e51bd3011db671bbb2
SHA1

aae8b67376c4df0f3655ac3715708a0b208b0a14
SHA256

d32c6b8f86884ca76455c9914f7143e9469dd948d32a7c6212629645a016a44f
SHA512

3bac6ad5f214e83dd44b7341a5164094af3ecfe0c3a8324a69dcbb9cf9c1d63ef5ec6a1d0a6a0540bc12b0dcb3b7ca0a33997592f97caf4f20a9d31c0b3c1022
SSDEEP

3072:IKUR+AIznCp7BQCrZJzSWjsdA0Jl0nr8TBfPVo/jr:IbIznCVKCtcWjs+0J6nr8TBHVo/jr

Score

10^/10

obama239 1675927483 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

obama239

Campaign

1675927483

C2

174.104.184.149:443

76.170.252.153:995

171.97.42.67:443

27.0.48.205:443

83.114.60.6:2222

87.202.101.164:50000

88.126.112.14:50000

35.143.97.145:995

104.35.24.154:443

98.145.23.67:443

98.147.155.235:443

24.64.112.40:61202

24.64.112.40:2222

114.143.176.234:443

85.231.105.49:2222

181.118.206.65:995

82.127.204.82:2222

86.194.156.14:2222

108.2.111.66:995

156.217.208.137:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Files

3220-137-0x0000000010000000-0x0000000010023000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB