qakbot | 30bd6ca5e375620639cace8b72d7e4499cf309d4a0aab3f1ba9fafce46f9e9cf

General

Target

30bd6ca5e375620639cace8b72d7e4499cf309d4a0aab3f1ba9fafce46f9e9cf
Size

1.1MB
Sample

220201-mn9zaadacr
MD5

e246afedc817015727f4c2d257bd6f80
SHA1

ba6380216f7e62e3e32d129210a9f13f9bc4f3b5
SHA256

30bd6ca5e375620639cace8b72d7e4499cf309d4a0aab3f1ba9fafce46f9e9cf
SHA512

92c0226b49f52703c591f7c48b499b77178d87c11d6a1d8ab5d262112f5c05ed27db530ac12289c87e863a1915dc40b346e3d61c47fee2c586f7e0324a25c360

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.142

Botnet

spx136

Campaign

1591698756

C2

184.180.157.203:2222

47.136.224.60:443

5.13.97.215:995

73.101.211.117:443

104.221.4.11:2222

203.33.139.134:443

151.73.124.242:443

76.111.128.194:443

72.209.191.27:443

64.19.74.29:995

72.204.242.138:990

45.45.51.182:2222

173.22.120.11:2222

75.183.135.48:443

81.245.66.237:995

188.27.68.239:443

207.255.161.8:2078

199.247.22.145:443

76.187.8.160:443

173.172.205.216:443

Targets

- Target
  
  30bd6ca5e375620639cace8b72d7e4499cf309d4a0aab3f1ba9fafce46f9e9cf
- Size
  
  1.1MB
- MD5
  
  e246afedc817015727f4c2d257bd6f80
- SHA1
  
  ba6380216f7e62e3e32d129210a9f13f9bc4f3b5
- SHA256
  
  30bd6ca5e375620639cace8b72d7e4499cf309d4a0aab3f1ba9fafce46f9e9cf
- SHA512
  
  92c0226b49f52703c591f7c48b499b77178d87c11d6a1d8ab5d262112f5c05ed27db530ac12289c87e863a1915dc40b346e3d61c47fee2c586f7e0324a25c360
Score

10^/10

qakbot spx136 1591698756 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2