qakbot | 1448-54-0x0000000010000000-0x0000000010024000-memory[.]dmp

General

Target

1448-54-0x0000000010000000-0x0000000010024000-memory.dmp
Size

144KB
MD5

989edcfc3d75290ec666030aaac7298d
SHA1

011f73fd50c25fecc1b8c87f6c0e8ab17bd820db
SHA256

c751e158be7e0a72c275cede577b7aab8ab8c8344883fc584fab9c37e9d8f5a5
SHA512

448d241d073226ef45df489a60b8bbb884968a5a2f4c2bf49c02b8d63b85e40b55f49a4b3ff346fd51b7d657478ed33aebe80a96060cf6f9c198276991750578
SSDEEP

3072:buUtexa1mQ4GH6MlnzXFAEJjsVVH2F8TBffGWpnL:b3teP/GaMlT2EJ4VVH2F8TB3

Score

10^/10

bb23 1681291772 qakbot

Malware Config

Extracted

Family

qakbot

Version

404.919

Botnet

BB23

Campaign

1681291772

C2

101.184.134.98:2222

23.30.22.225:993

104.35.24.154:443

85.2.185.70:2222

14.192.241.76:995

47.196.225.236:443

78.92.133.215:443

176.202.45.209:443

174.118.63.123:443

84.35.26.14:995

86.171.191.31:443

103.141.50.79:995

213.67.139.53:2222

172.115.17.50:443

198.2.51.242:993

69.133.162.35:443

58.162.223.233:443

91.169.12.198:32100

47.21.51.138:443

35.143.97.145:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Signatures

Qakbot family
qakbot

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1448-54-0x0000000010000000-0x0000000010024000-memory.dmp

Files

1448-54-0x0000000010000000-0x0000000010024000-memory.dmp
.dll windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB