Overview

overview

10

Static

static

a1a6bbdd0f...cd.dll

windows7_x64

10

a1a6bbdd0f...cd.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1a6bbdd0ff39d7f32cae83884aa14b5b75029cd.dll

  • Size

    285KB

  • Sample

    210623-jtp3hzb86a

  • MD5

    d0d275326faf2b4ff27b6c8f07dbce13

  • SHA1

    a1a6bbdd0ff39d7f32cae83884aa14b5b75029cd

  • SHA256

    160bc861f844743c52a34eaa0b1053b904277093e50f311726609a7a4084bb50

  • SHA512

    373a3a43985de2627cd79926ac533bd70881afb0e0f80226c004428e11377aa030bbd495f6ebcea5b20948770b53027a1339f283f39934c1573ece39957341d5

Score
10/10
qakbottr1623837834bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

402.115

Botnet

tr

Campaign

1623837834

C2

144.139.47.206:443

105.198.236.101:443

136.232.34.70:443

90.65.234.26:2222

71.41.184.10:3389

98.192.185.86:443

184.185.103.157:443

24.179.77.236:443

81.97.154.100:443

186.144.33.73:443

96.253.46.210:443

213.122.113.120:443

47.22.148.6:443

149.28.99.97:995

45.63.107.192:2222

45.32.211.207:443

45.32.211.207:8443

149.28.98.196:995

45.63.107.192:995

45.77.115.208:443

Targets

    • Target

      a1a6bbdd0ff39d7f32cae83884aa14b5b75029cd.dll

    • Size

      285KB

    • MD5

      d0d275326faf2b4ff27b6c8f07dbce13

    • SHA1

      a1a6bbdd0ff39d7f32cae83884aa14b5b75029cd

    • SHA256

      160bc861f844743c52a34eaa0b1053b904277093e50f311726609a7a4084bb50

    • SHA512

      373a3a43985de2627cd79926ac533bd70881afb0e0f80226c004428e11377aa030bbd495f6ebcea5b20948770b53027a1339f283f39934c1573ece39957341d5

    Score
    10/10
    qakbottr1623837834bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks