qakbot | 2015d30fd538615b0512f0a62f5a139b611711c5807449c2e7e8d126afe95604 | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.Kryptik.HDBX.1135
Size

1.8MB
Sample

201109-1ha88kgvpa
MD5

0feff992cbd09349765db7b29ee9c7f9
SHA1

1ff175a37f45002f2ac4d8c5e9581575edb84ebb
SHA256

2015d30fd538615b0512f0a62f5a139b611711c5807449c2e7e8d126afe95604
SHA512

cfb29b4b3ba0f7175785a8d1a6a59f15ed0b766dc47f0867e621f0556e61a7282046ca3094d30bafc177e432c17161f3d94d9cd59f4161a6f65d32d9e619b573

Score

10^/10

qakbot banker cryptone packer stealer trojan

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Win32.Kryptik.HDBX.1135
- Size
  
  1.8MB
- MD5
  
  0feff992cbd09349765db7b29ee9c7f9
- SHA1
  
  1ff175a37f45002f2ac4d8c5e9581575edb84ebb
- SHA256
  
  2015d30fd538615b0512f0a62f5a139b611711c5807449c2e7e8d126afe95604
- SHA512
  
  cfb29b4b3ba0f7175785a8d1a6a59f15ed0b766dc47f0867e621f0556e61a7282046ca3094d30bafc177e432c17161f3d94d9cd59f4161a6f65d32d9e619b573
Score

10^/10

qakbot banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotbankerstealertrojan

behavioral2