qakbot | f37c950e329c221ccb6d9184d39e73e0b56924bec963e20766148b630dea93ac

General

Target

f37c950e329c221ccb6d9184d39e73e0b56924bec963e20766148b630dea93ac
Size

1.8MB
Sample

220201-c4rsjafhh9
MD5

bb62584b9838309fb13e405930ad6d06
SHA1

aa66fc36cadb293bde8f675d5d43d2c28f679eab
SHA256

f37c950e329c221ccb6d9184d39e73e0b56924bec963e20766148b630dea93ac
SHA512

d80a97e9dd89ffa02248459a6dbb5596bd63a96153315d7702dabc3093a235c7d40992ecf131bb19de8b2fc67b5d69b5f4df8cf372a8c838b676091bb5189f03

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.70

Botnet

spx84

Campaign

1585051761

C2

72.183.241.2:443

75.183.171.155:3389

2.190.139.78:443

98.197.254.40:443

70.174.3.241:443

72.190.30.180:443

197.210.96.222:995

75.110.93.212:443

98.204.224.168:443

78.97.145.242:443

24.99.180.247:443

207.5.138.66:0

73.214.231.2:443

72.132.249.144:995

72.80.137.215:443

81.147.42.207:2222

45.45.105.94:990

172.78.87.180:443

78.96.148.177:443

89.137.211.38:443

Targets

- Target
  
  f37c950e329c221ccb6d9184d39e73e0b56924bec963e20766148b630dea93ac
- Size
  
  1.8MB
- MD5
  
  bb62584b9838309fb13e405930ad6d06
- SHA1
  
  aa66fc36cadb293bde8f675d5d43d2c28f679eab
- SHA256
  
  f37c950e329c221ccb6d9184d39e73e0b56924bec963e20766148b630dea93ac
- SHA512
  
  d80a97e9dd89ffa02248459a6dbb5596bd63a96153315d7702dabc3093a235c7d40992ecf131bb19de8b2fc67b5d69b5f4df8cf372a8c838b676091bb5189f03
Score

10^/10

qakbot spx84 1585051761 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2