qakbot | d98f9144455376d147445b0613dcd9d3a316e617a9a095b48bcb420c60662597

General

Target

d98f9144455376d147445b0613dcd9d3a316e617a9a095b48bcb420c60662597
Size

964KB
Sample

211105-s4v3yshdan
MD5

ca7e44b5a4e6903377794c0608264b8a
SHA1

3582c23194b3483393ffeff92ba291bef430de51
SHA256

d98f9144455376d147445b0613dcd9d3a316e617a9a095b48bcb420c60662597
SHA512

1ab9875d47419f791a52cb369007c756a5e76c4f92b62db547a9271c3ecc72f3000b4babf9b224b65f4ac7b6909d9f61003bd47d32948e426e0915720499d064

Score

10^/10

qakbot tr 1635953596 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

402.388

Botnet

tr

Campaign

1635953596

C2

190.73.3.148:2222

109.177.30.138:995

181.99.138.132:465

109.228.255.59:443

94.200.181.154:443

103.150.40.76:995

216.238.71.31:443

216.238.72.121:443

216.238.72.121:995

216.238.71.31:995

177.172.5.228:995

201.172.31.95:80

67.165.206.193:993

50.194.160.233:32100

92.59.35.196:2222

89.101.97.139:443

176.35.109.202:2222

140.82.49.12:443

109.133.93.127:995

71.13.93.154:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  d98f9144455376d147445b0613dcd9d3a316e617a9a095b48bcb420c60662597
- Size
  
  964KB
- MD5
  
  ca7e44b5a4e6903377794c0608264b8a
- SHA1
  
  3582c23194b3483393ffeff92ba291bef430de51
- SHA256
  
  d98f9144455376d147445b0613dcd9d3a316e617a9a095b48bcb420c60662597
- SHA512
  
  1ab9875d47419f791a52cb369007c756a5e76c4f92b62db547a9271c3ecc72f3000b4babf9b224b65f4ac7b6909d9f61003bd47d32948e426e0915720499d064
Score

10^/10

qakbot tr 1635953596 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2