qakbot | 0e5c4af6ad0b50b0712867ef41ebe47666407eacf7fc30ea3ebf7d691c1af592

General

Target

rundll32_00780000_fixed.dll
Size

564KB
Sample

210502-lxk59rhdd6
MD5

00ccc3498bd2a1bbb1d5d4e96d9d7825
SHA1

e87ac8f6bc4178c07ccf7dfafec34b8faaf10a3e
SHA256

0e5c4af6ad0b50b0712867ef41ebe47666407eacf7fc30ea3ebf7d691c1af592
SHA512

3bac3715105d3a63f8b633c172626ffca62da6100a8f4f1747c12381f05a3c33de7d0abc84b86d52a06cc5f7be761d3001c5b8182703970395c46d90c48716c7

Score

10^/10

qakbot tr 1614598087 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

tr

Campaign

1614598087

C2

24.95.61.62:443

89.3.198.238:443

196.151.252.84:443

90.65.236.181:2222

2.232.253.79:995

217.133.54.140:32100

195.43.173.70:443

84.247.55.190:8443

136.232.34.70:443

45.63.107.192:443

45.77.115.208:443

149.28.98.196:995

45.32.211.207:8443

149.28.98.196:443

149.28.99.97:443

45.63.107.192:2222

207.246.77.75:443

207.246.77.75:8443

45.77.117.108:443

45.32.211.207:995

Targets

- Target
  
  rundll32_00780000_fixed.dll
- Size
  
  564KB
- MD5
  
  00ccc3498bd2a1bbb1d5d4e96d9d7825
- SHA1
  
  e87ac8f6bc4178c07ccf7dfafec34b8faaf10a3e
- SHA256
  
  0e5c4af6ad0b50b0712867ef41ebe47666407eacf7fc30ea3ebf7d691c1af592
- SHA512
  
  3bac3715105d3a63f8b633c172626ffca62da6100a8f4f1747c12381f05a3c33de7d0abc84b86d52a06cc5f7be761d3001c5b8182703970395c46d90c48716c7
Score

10^/10

qakbot tr 1614598087 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2