qakbot | 8c7bb3461617b49ba44408649e114fb4543786b39ac973d5c36f0bd27b699571

General

Target

I200_8c7bb3461617b49ba44408649e114fb4543786b39ac973d5c36f0bd27b699571.bin
Size

265KB
Sample

211208-qfb9tsaecm
MD5

7f1d631e904f5a3c4e5f5e271ad912ef
SHA1

f804cf638ee6af0bc2a5e799a9ca2c02928d5b31
SHA256

8c7bb3461617b49ba44408649e114fb4543786b39ac973d5c36f0bd27b699571
SHA512

39f7bc7f62e90078a015b41bd2770fbf9544809263b30c5419ef286b7ad49f48a6debd65703bcbbd4a27c927f5c125b3b78428eba8d9271e89c08a85c0d4c8cf

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

402.115

Botnet

obama62

Campaign

1624268905

C2

184.185.103.157:443

24.179.77.236:443

71.41.184.10:3389

95.77.223.148:443

81.97.154.100:443

105.198.236.99:443

86.220.60.247:2222

197.45.110.165:995

149.28.98.196:2222

149.28.98.196:995

149.28.101.90:443

149.28.101.90:8443

149.28.99.97:2222

45.32.211.207:995

45.63.107.192:995

45.63.107.192:443

45.63.107.192:2222

45.32.211.207:2222

207.246.77.75:8443

45.32.211.207:8443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  I200_8c7bb3461617b49ba44408649e114fb4543786b39ac973d5c36f0bd27b699571.bin
- Size
  
  265KB
- MD5
  
  7f1d631e904f5a3c4e5f5e271ad912ef
- SHA1
  
  f804cf638ee6af0bc2a5e799a9ca2c02928d5b31
- SHA256
  
  8c7bb3461617b49ba44408649e114fb4543786b39ac973d5c36f0bd27b699571
- SHA512
  
  39f7bc7f62e90078a015b41bd2770fbf9544809263b30c5419ef286b7ad49f48a6debd65703bcbbd4a27c927f5c125b3b78428eba8d9271e89c08a85c0d4c8cf
Score

10^/10

qakbot obama62 1624268905 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2