qakbot | 1448-54-0x0000000010000000-0x0000000010023000-memory[.]dmp

General

Target

1448-54-0x0000000010000000-0x0000000010023000-memory.dmp
Size

140KB
MD5

4973e7a918a6e0213643607c5a1cd5f6
SHA1

8db5ed13fe790a02c0e59d69bc056e675270bb74
SHA256

97fecdf6b1ef1a0dfac6b8ee72330ad5393b33290067b443c62315ab9885e2ae
SHA512

8f7057f1b4a55fdabe39a7b9bb636e7c92e2874ccbd0284fbf9f31ef442f5c30b725789bb37fe378881b7fc09766b01002c0633da25671e60813fb4d735a1a51
SSDEEP

3072:eaYogKI1keZwRYc/XCggn9wSAUJ2yn3zwTBfP1W8LEN:efZwR1Cgg9w3UJHn3zwTBH1S

Score

10^/10

bb19 1678774690 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.246

Botnet

BB19

Campaign

1678774690

C2

81.229.117.95:2222

67.248.21.32:443

47.34.30.133:443

49.175.72.7:443

76.80.180.154:995

24.117.237.157:443

35.143.97.145:995

92.1.170.110:995

105.186.229.59:995

183.87.163.165:443

76.170.252.153:995

136.232.184.134:995

86.10.146.216:443

109.158.144.102:995

50.68.204.71:995

80.1.152.201:443

71.65.145.108:443

12.172.173.82:465

72.80.7.6:50003

184.153.132.82:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1448-54-0x0000000010000000-0x0000000010023000-memory.dmp

Files

1448-54-0x0000000010000000-0x0000000010023000-memory.dmp
.dll windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB