qakbot | 776-54-0x0000000000180000-0x00000000001A3000-memory[.]dmp

General

Target

776-54-0x0000000000180000-0x00000000001A3000-memory.dmp
Size

140KB
MD5

c8cad6f968afa52f7658b10576831572
SHA1

26045da5f928cab5510d8155574f66a5ee826d2d
SHA256

6f8376292e16236cea627dfac9cf3735efbe08e73534439f72ca7232f028a933
SHA512

92b102a2aac07e45379270f99e5cf6f821760025b7596d2d7cd062fe3789c4986cea6aea6707ce825f196fca1b37d09cae4313ddc721a9874c34fb704ad3df27
SSDEEP

3072:HQLSo1suuRgc3aFSqA0Jua3/QTBfftG8LM/K:euRFa0/0Jn3/QTBXta/

Score

10^/10

bb19 1678708246 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.246

Botnet

BB19

Campaign

1678708246

C2

103.111.70.115:995

103.123.223.144:443

217.165.232.217:443

12.172.173.82:995

86.98.216.189:2222

173.18.126.3:443

201.244.108.183:995

75.143.236.149:443

91.169.12.198:32100

47.61.70.76:2078

88.126.94.4:50000

24.239.69.244:443

12.172.173.82:21

103.141.50.102:995

69.133.162.35:443

81.158.112.20:2222

115.87.227.49:443

12.172.173.82:20

86.225.214.138:2222

74.66.134.24:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
776-54-0x0000000000180000-0x00000000001A3000-memory.dmp

Files

776-54-0x0000000000180000-0x00000000001A3000-memory.dmp
.dll windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB