General

  • Target

    Permission_898654266_09172020.xls

  • Size

    103KB

  • Sample

    200918-82xnn43n96

  • MD5

    94b8d6427ecda9366383fa9a14c5cf68

  • SHA1

    64524ea55eebe3465f3365888a17da2381566529

  • SHA256

    8800b7fd8e3b6b8e98c14bda53fbdfa5acfe041874345dc9b732f546fcce21c3

  • SHA512

    bb9a912d0162cc25c3ee1fc8037bfeda051599680db9da2d1d089804c9cb498c5f2928d0f5e63f4cfb7d3518ce3acc2545cc12b1b08a8149fbc1798d605a492e

Malware Config

Extracted

  • Family

    qakbot

  • Botnet

    abc005

  • Campaign

    1600415827

  • C2

Targets

    • Qakbot/Qbot

      Qbot or Qakbot is a sophisticated worm with banking capabilities.

    • Executes dropped EXE

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Enterprise v6

Tasks