qakbot | dc24c89b3de78c71f89538b71542a042c67fb549b3f4bdb38094e93e955bccad

General

Target

dc24c89b3de78c71f89538b71542a042c67fb549b3f4bdb38094e93e955bccad
Size

2.0MB
Sample

220205-k551jsaagl
MD5

25e2675a128c63a51134bdf681d0bc1f
SHA1

a73256db9ac17485fe3ee5cec5645aa626048bb7
SHA256

dc24c89b3de78c71f89538b71542a042c67fb549b3f4bdb38094e93e955bccad
SHA512

bd5d3bfd5a4e6cf88d13fdabdee94a79be9e156fb3b984f8d0d667ce728a555bdd4d01d12d8f431c1f64ab07b26e4b623d5586cda9fc4289bf271ea0845c9f18

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.127

Botnet

spx106

Campaign

1588083274

C2

5.2.149.216:443

5.182.39.156:443

156.222.184.101:995

208.126.142.17:443

108.21.54.174:443

74.129.26.223:443

72.204.242.138:443

87.65.204.240:995

136.228.103.44:443

92.114.85.210:995

184.180.157.203:2222

72.142.106.198:995

151.205.102.42:443

172.78.181.79:443

72.181.15.240:443

186.29.97.27:443

98.243.187.85:443

137.99.224.198:443

108.21.107.203:443

97.81.255.189:443

Targets

- Target
  
  dc24c89b3de78c71f89538b71542a042c67fb549b3f4bdb38094e93e955bccad
- Size
  
  2.0MB
- MD5
  
  25e2675a128c63a51134bdf681d0bc1f
- SHA1
  
  a73256db9ac17485fe3ee5cec5645aa626048bb7
- SHA256
  
  dc24c89b3de78c71f89538b71542a042c67fb549b3f4bdb38094e93e955bccad
- SHA512
  
  bd5d3bfd5a4e6cf88d13fdabdee94a79be9e156fb3b984f8d0d667ce728a555bdd4d01d12d8f431c1f64ab07b26e4b623d5586cda9fc4289bf271ea0845c9f18
Score

10^/10

qakbot spx106 1588083274 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2