qakbot | f6210da7865e00351c0e79464a1ba14a8ecc59dd79f650f2ff76f1697f6807b1 | Triage

Sharing

General

Target

978864d9-fedc-4a22-b5d4-35e38becb849
Size

1.9MB
Sample

201124-wm25sx9kts
MD5

2cf20a1dd3693b996de4a559f1067850
SHA1

6483bb40a7e3817f93a3ae95c6caea01715a4946
SHA256

f6210da7865e00351c0e79464a1ba14a8ecc59dd79f650f2ff76f1697f6807b1
SHA512

4b817b777ce29fa2e633dd42ca6b849d5e708eb4968e65f49aed99ecf57e38c122229bc075dc996cf944e33e4a30b1a59179a3740ccd86177dff211ce4c48099

Score

10^/10

qakbot banker cryptone packer stealer trojan

Malware Config

Targets

- Target
  
  978864d9-fedc-4a22-b5d4-35e38becb849
- Size
  
  1.9MB
- MD5
  
  2cf20a1dd3693b996de4a559f1067850
- SHA1
  
  6483bb40a7e3817f93a3ae95c6caea01715a4946
- SHA256
  
  f6210da7865e00351c0e79464a1ba14a8ecc59dd79f650f2ff76f1697f6807b1
- SHA512
  
  4b817b777ce29fa2e633dd42ca6b849d5e708eb4968e65f49aed99ecf57e38c122229bc075dc996cf944e33e4a30b1a59179a3740ccd86177dff211ce4c48099
Score

10^/10

qakbot banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotbankerstealertrojan

behavioral2