Overview

overview

10

Static

static

vccorlib120ad8.exe

windows7_x64

10

vccorlib120ad8.exe

windows10_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vccorlib120ad8.exe

  • Size

    3.0MB

  • Sample

    200904-xv4hesr3jx

  • MD5

    d4fde1ee86b69d511bd06b3864471e84

  • SHA1

    0f8e8f81bacd9cd6c9ef41c1044812e6ed310036

  • SHA256

    15ce77719a116563966bcf0991e218ac915fecaeabb1e28579b1b744a366c850

  • SHA512

    58e1b26b945e6471df2b5312e5e046568b0d96d35bda8823698686aab41337c64d1f97d15048c822a0d71476d131c44078afca8764aa8763180b00f310650f44

Score
10/10
qakbotpartner011597332272bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

partner01

Campaign

1597332272

C2

72.28.255.159:995

197.210.96.222:995

71.192.44.92:443

189.183.72.138:995

68.33.206.204:443

49.191.3.234:443

71.56.53.127:443

80.14.209.42:2222

24.139.132.70:443

76.187.12.181:443

89.137.211.239:443

216.201.162.158:443

151.73.112.220:443

92.59.35.196:2222

189.140.55.226:443

201.216.216.245:443

50.244.112.10:995

108.28.179.42:995

108.27.217.44:443

72.185.47.86:995

Targets

    • Target

      vccorlib120ad8.exe

    • Size

      3.0MB

    • MD5

      d4fde1ee86b69d511bd06b3864471e84

    • SHA1

      0f8e8f81bacd9cd6c9ef41c1044812e6ed310036

    • SHA256

      15ce77719a116563966bcf0991e218ac915fecaeabb1e28579b1b744a366c850

    • SHA512

      58e1b26b945e6471df2b5312e5e046568b0d96d35bda8823698686aab41337c64d1f97d15048c822a0d71476d131c44078afca8764aa8763180b00f310650f44

    Score
    10/10
    trojanbankerstealerqakbot

    • Qakbot/Qbot

      Qbot or Qakbot is a sophisticated worm with banking capabilities.

      trojanbankerstealerqakbot

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks