test.test

General
Target test.test
Size 754KB
Sample 211021-w1jgjabeej
Score 10/10
MD5 3ce0ae3de42da2dac1ef87f94921facb
SHA1 233a3c69e30bda4a5a92735cda8b30b2ad99252f
SHA256 e072cf4eebd73cb8072c1ce938e2df6d3d864ddd116336f79f804dfa634edb5e
SHA512 5036d39d0966ffb1780c2c4f3a2b5c8635e4607daad723557390d0c46426c497565e9cd9136d371365881bb08303f4bc9806585ce2c9ee9735d6e8ca1666ea02

Malware Config

Extracted

Family qakbot
Version 402.363
Botnet tr
Campaign 1634541613
C2


Attributes
salt jHxastDcds)oMc=jvh7wdUhxcsdt2
Signatures

  • Qakbot/Qbot

    Description

    Qbot or Qakbot is a sophisticated worm with banking capabilities.

  • Loads dropped DLL

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation