a88f4c170e11eda9a789765001a84fb1

General
Target: a88f4c170e11eda9a789765001a84fb1
Size: 271KB
Sample: 201126-f1sf56vq3a
Score: 10/10
MD5: a88f4c170e11eda9a789765001a84fb1
SHA1: b274da255232e48ab19e9b478f29ffd54f885a76
SHA256: ba25af3aa1f14cd574b5f8d43867a0be53d2df9f6fe37116da6dd05446296fb7
SHA512: f5cd24cfd484d0ab54b7b0d0115005ab808d4bdde446380a2d2e9ab5a3f29265152e9139ba79fe8844be658afc7d41641ba71fa4f0fe050db4315d1055c3cf70

Malware Config

Extracted
Family: qakbot
Botnet: tr02
Campaign: 1606301054
C2:
  • 59.98.96.143:443
  • 86.122.248.164:2222
  • 101.185.175.169:2222
  • 71.187.170.235:443
  • 92.59.35.196:2222
  • 188.52.193.110:995
  • 90.175.88.99:2222
  • 37.107.111.46:995
  • 96.237.141.134:995
  • 2.50.143.154:2078
  • 109.205.204.229:2222
  • 90.101.62.189:2222
  • 41.228.220.155:443
  • 190.128.215.174:443
  • 188.26.243.119:443
  • 79.113.247.80:443
  • 82.76.47.211:443
  • 73.248.120.240:443
  • 72.36.59.46:2222
  • 74.129.26.119:443
  • 24.152.219.253:995
  • 37.116.152.122:2222
  • 83.202.68.220:2222
  • 5.13.75.120:443
  • 216.215.77.18:2078
  • 24.122.0.90:443
  • 197.135.88.225:995
  • 73.55.254.225:443
  • 68.192.50.231:443
  • 188.24.155.168:443
  • 116.240.78.45:995
  • 50.244.112.90:443
  • 140.82.27.132:443
  • 178.87.29.72:443
  • 201.152.196.4:443
  • 174.101.35.214:443
  • 83.110.220.105:443
  • 194.243.78.225:443
  • 45.32.162.253:443
  • 2.49.219.254:22
  • 45.32.165.134:443
  • 71.126.139.251:443
  • 72.186.1.237:443
  • 105.96.27.117:443
  • 77.27.174.49:995
  • 70.124.29.226:443
  • 113.22.243.219:443
  • 89.32.220.24:443
  • 71.182.142.63:443
  • 84.224.55.148:995

Targets
Target: a88f4c170e11eda9a789765001a84fb1 (MD5, SHA1, SHA256, SHA512 and size identical to the General section above)

Signatures
  • Qakbot/Qbot
    Description: Qbot or Qakbot is a sophisticated worm with banking capabilities.
  • Loads dropped DLL
MITRE ATT&CK Matrix
Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation (no techniques listed in this report)