qakbot | 05fc949a1d235d88ebf502b47633eb9d6bd5661153869a6a596b853719af919a

Resubmissions

25-11-2020 08:45

201125-9amzy5gfk2 0

25-11-2020 08:45

25-11-2020 08:44

25-11-2020 08:44

25-11-2020 08:13

Sharing

Copy URL

Twitter E-mail

General

Target

05fc949a1d235d88ebf502b47633eb9d6bd5661153869a6a596b853719af919a
Size

251KB
Sample

201125-ed679f8pg6
MD5

fb2b803a0e07ddd4ad1fd252865a8329
SHA1

842a30119ac0dc43980e672bc7e03037f06b39fb
SHA256

05fc949a1d235d88ebf502b47633eb9d6bd5661153869a6a596b853719af919a
SHA512

ae12f4e2bc1d5a62a8e16f520f1157b76d7892e24f9b87ea72fca450e7b497873383472eb4089aa3de5da86599ed76e7e73b7404480b2cbce85ab024dfb67b69

Score

10^/10

Malware Config

Extracted

Family

qakbot

Botnet

abc100

Campaign

1606207839

37.6.223.237:995

2.51.246.190:995

37.211.86.156:443

42.201.228.106:995

50.29.166.232:995

102.185.58.126:443

81.133.234.36:2222

2.50.89.158:995

79.166.83.103:2222

173.245.152.231:443

2.86.41.23:2222

93.151.180.170:61202

24.179.13.119:443

24.152.219.253:995

105.198.236.99:443

24.205.42.241:443

176.58.132.212:2222

151.73.126.156:443

94.52.68.72:443

47.146.169.85:443

Targets

- Target
  
  05fc949a1d235d88ebf502b47633eb9d6bd5661153869a6a596b853719af919a
- Size
  
  251KB
- MD5
  
  fb2b803a0e07ddd4ad1fd252865a8329
- SHA1
  
  842a30119ac0dc43980e672bc7e03037f06b39fb
- SHA256
  
  05fc949a1d235d88ebf502b47633eb9d6bd5661153869a6a596b853719af919a
- SHA512
  
  ae12f4e2bc1d5a62a8e16f520f1157b76d7892e24f9b87ea72fca450e7b497873383472eb4089aa3de5da86599ed76e7e73b7404480b2cbce85ab024dfb67b69
Score

10^/10

qakbot abc100 1606207839 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

T1053

Persistence

Scheduled Task

T1053

Privilege Escalation

Scheduled Task

T1053

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2