Overview

overview

10

Static

static

a2869406c4...f5.dll

windows7_x64

10

a2869406c4...f5.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2869406c4661b2c003f0d38aebe8f8e5715bdbc7d67e429023cb0726dbc13f5.dll

  • Size

    1.0MB

  • Sample

    210507-drc7gl5kde

  • MD5

    f8bedd553a00abdc81ae847d21e958a1

  • SHA1

    1b5ac0acbba430c9e4ccad70a59eb2dedc9b0f5b

  • SHA256

    a2869406c4661b2c003f0d38aebe8f8e5715bdbc7d67e429023cb0726dbc13f5

  • SHA512

    d0089483de35cda1b5fd0e498f7af2f3d471d08fd86cd7efb00df75e9a41fecaccfedfb34f048d69f2663062fd177e823c1213831ce22e0076506ed5eeb35b4e

Score
10/10
qakbotdomain021613028094bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

domain02

Campaign

1613028094

C2

32.210.98.6:443

70.49.88.199:2222

151.205.102.42:443

178.152.79.153:995

216.195.46.163:2222

72.252.201.69:443

90.65.236.181:2222

98.173.34.212:995

97.69.160.4:2222

69.245.102.225:443

144.139.166.18:443

73.25.124.140:2222

189.223.205.126:443

157.131.108.180:443

71.197.126.250:443

73.228.197.5:443

151.213.189.62:443

24.229.150.54:995

84.72.35.226:443

199.19.117.131:443

Targets

    • Target

      a2869406c4661b2c003f0d38aebe8f8e5715bdbc7d67e429023cb0726dbc13f5.dll

    • Size

      1.0MB

    • MD5

      f8bedd553a00abdc81ae847d21e958a1

    • SHA1

      1b5ac0acbba430c9e4ccad70a59eb2dedc9b0f5b

    • SHA256

      a2869406c4661b2c003f0d38aebe8f8e5715bdbc7d67e429023cb0726dbc13f5

    • SHA512

      d0089483de35cda1b5fd0e498f7af2f3d471d08fd86cd7efb00df75e9a41fecaccfedfb34f048d69f2663062fd177e823c1213831ce22e0076506ed5eeb35b4e

    Score
    10/10
    qakbotdomain021613028094bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks