qakbot | fc169c5d804339f5ae3fde3a93cf984eaca1280221b651f9f45626fbeef4d23a | Triage

Sharing

General

Target

fc169c5d804339f5ae3fde3a93cf984eaca1280221b651f9f45626fbeef4d23a
Size

342KB
Sample

210430-6y187rm5hx
MD5

d50f0eabede46642d2d3e162a8be7427
SHA1

a153a86d6bb064f36435151e65ac94933acee5ee
SHA256

fc169c5d804339f5ae3fde3a93cf984eaca1280221b651f9f45626fbeef4d23a
SHA512

b922b4deb9468006301e1c50f37a08cbb4fd595b787c56fa6b188b4e59d9f538c639b8a7e05007838365699ca760b6d76755a09b95327b7ed5b4f944958c5a2d

Score

10^/10

qakbot abc106m 1606921461 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

401.51

Botnet

abc106m

Campaign

1606921461

C2

94.69.242.254:2222

189.140.45.48:995

37.182.244.124:2222

73.136.242.114:443

187.149.126.53:443

189.210.115.207:443

96.27.47.70:2222

185.163.221.77:2222

85.132.36.111:2222

178.87.10.110:443

120.150.218.241:995

68.224.121.148:993

78.101.145.96:61201

47.146.34.236:443

24.95.61.62:443

72.29.181.78:2222

93.113.177.152:443

87.218.53.206:2222

106.51.85.162:443

2.90.33.130:443

Targets

- Target
  
  fc169c5d804339f5ae3fde3a93cf984eaca1280221b651f9f45626fbeef4d23a
- Size
  
  342KB
- MD5
  
  d50f0eabede46642d2d3e162a8be7427
- SHA1
  
  a153a86d6bb064f36435151e65ac94933acee5ee
- SHA256
  
  fc169c5d804339f5ae3fde3a93cf984eaca1280221b651f9f45626fbeef4d23a
- SHA512
  
  b922b4deb9468006301e1c50f37a08cbb4fd595b787c56fa6b188b4e59d9f538c639b8a7e05007838365699ca760b6d76755a09b95327b7ed5b4f944958c5a2d
Score

10^/10

qakbot abc106m 1606921461 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotabc106m1606921461bankerstealertrojan

behavioral2

qakbotabc106m1606921461bankerstealertrojan