qakbot | e709bd31b9d0f340605499771a33521a09ba3f9b17d19706ecb7748fea93dae5 | Triage

Sharing

General

Target

e709bd31b9d0f340605499771a33521a09ba3f9b17d19706ecb7748fea93dae5
Size

512KB
Sample

211023-237vssddcr
MD5

c12d474142ae599f4b7d3c3decca27c0
SHA1

86326c7cae713774ddf65a90be20a49a86c0a11d
SHA256

e709bd31b9d0f340605499771a33521a09ba3f9b17d19706ecb7748fea93dae5
SHA512

0b4cdf6986fe985d5a9260760e398694315d45b86a33693c851f357a59083c100cc5b88c62e05cf29159b467bef3dc47aa39230cadf79cf62aa7b515b2ec58e3

Score

10^/10

qakbot star01 1634935795 banker evasion stealer trojan

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

star01

Campaign

1634935795

C2

45.9.20.200:443

96.246.158.154:995

67.165.206.193:993

207.246.112.221:443

37.208.181.198:61202

77.255.12.88:443

79.160.207.214:443

216.201.162.158:443

185.53.147.51:443

187.250.109.250:443

173.21.10.71:2222

108.4.67.252:443

93.175.84.127:443

84.117.135.69:443

87.64.241.207:995

207.246.112.221:995

188.50.34.167:995

73.25.109.183:2222

213.177.130.71:443

176.63.117.1:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  e709bd31b9d0f340605499771a33521a09ba3f9b17d19706ecb7748fea93dae5
- Size
  
  512KB
- MD5
  
  c12d474142ae599f4b7d3c3decca27c0
- SHA1
  
  86326c7cae713774ddf65a90be20a49a86c0a11d
- SHA256
  
  e709bd31b9d0f340605499771a33521a09ba3f9b17d19706ecb7748fea93dae5
- SHA512
  
  0b4cdf6986fe985d5a9260760e398694315d45b86a33693c851f357a59083c100cc5b88c62e05cf29159b467bef3dc47aa39230cadf79cf62aa7b515b2ec58e3
Score

10^/10

qakbot star01 1634935795 banker evasion stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Windows security bypass
  evasion trojan
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotstar011634935795bankerevasionstealertrojan

behavioral2

qakbotstar011634935795bankerstealertrojan