qakbot | f512a1ae9f24a56c38b1be8519037ef71b7392b497d40e287ac3252bcee37a44 | Triage

Sharing

General

Target

f512a1ae9f24a56c38b1be8519037ef71b7392b497d40e287ac3252bcee37a44
Size

342KB
Sample

210430-yvzrz3n1gn
MD5

e3082189a2125000ee31c5e30a2eaf6e
SHA1

a53a303da350843229e51ddfe52adab07c70dcec
SHA256

f512a1ae9f24a56c38b1be8519037ef71b7392b497d40e287ac3252bcee37a44
SHA512

b6b40259a54cab59fd7eaa05587a65ca08094477c54aa2b950595acc18cbcfcf78549681db4ad463dfe5a04ac7b147c5199e696c6fc1d82a8216f054d049e7ef

Score

10^/10

qakbot abc106m 1606921461 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

401.51

Botnet

abc106m

Campaign

1606921461

C2

94.69.242.254:2222

189.140.45.48:995

37.182.244.124:2222

73.136.242.114:443

187.149.126.53:443

189.210.115.207:443

96.27.47.70:2222

185.163.221.77:2222

85.132.36.111:2222

178.87.10.110:443

120.150.218.241:995

68.224.121.148:993

78.101.145.96:61201

47.146.34.236:443

24.95.61.62:443

72.29.181.78:2222

93.113.177.152:443

87.218.53.206:2222

106.51.85.162:443

2.90.33.130:443

Targets

- Target
  
  f512a1ae9f24a56c38b1be8519037ef71b7392b497d40e287ac3252bcee37a44
- Size
  
  342KB
- MD5
  
  e3082189a2125000ee31c5e30a2eaf6e
- SHA1
  
  a53a303da350843229e51ddfe52adab07c70dcec
- SHA256
  
  f512a1ae9f24a56c38b1be8519037ef71b7392b497d40e287ac3252bcee37a44
- SHA512
  
  b6b40259a54cab59fd7eaa05587a65ca08094477c54aa2b950595acc18cbcfcf78549681db4ad463dfe5a04ac7b147c5199e696c6fc1d82a8216f054d049e7ef
Score

10^/10

qakbot abc106m 1606921461 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotabc106m1606921461bankerstealertrojan

behavioral2

qakbotabc106m1606921461bankerstealertrojan