qakbot | a2e6326628b67563b1fde916775f1cf450aae991dd7093504ce0da40d4ccc517

General

Target

a2e6326628b67563b1fde916775f1cf450aae991dd7093504ce0da40d4ccc517
Size

2.1MB
Sample

220205-n7lw8sbchp
MD5

89219389c1102eed2efbd47a9f7f5390
SHA1

4f50fad9b879360a6164628569a7a404ce058142
SHA256

a2e6326628b67563b1fde916775f1cf450aae991dd7093504ce0da40d4ccc517
SHA512

49ed40619937f22922562c325ce0e679e295b75ec6297ffc2fe106fa63c882905153a854a70a1310e279842d1508ca028b0bcaf9b78b739aadcc411202cdc2f6

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.75

Botnet

spx91

Campaign

1586264831

C2

100.38.123.22:443

72.16.212.107:465

65.131.79.162:995

65.96.36.157:443

24.61.47.73:443

73.192.209.168:443

93.114.89.119:995

71.58.21.235:443

68.174.9.179:443

73.137.187.150:443

71.178.38.101:443

50.29.181.193:995

31.5.189.71:443

68.49.120.179:443

24.203.36.180:2222

81.102.127.116:443

86.106.126.189:443

68.224.192.39:443

184.21.151.81:995

173.175.29.210:443

Targets

- Target
  
  a2e6326628b67563b1fde916775f1cf450aae991dd7093504ce0da40d4ccc517
- Size
  
  2.1MB
- MD5
  
  89219389c1102eed2efbd47a9f7f5390
- SHA1
  
  4f50fad9b879360a6164628569a7a404ce058142
- SHA256
  
  a2e6326628b67563b1fde916775f1cf450aae991dd7093504ce0da40d4ccc517
- SHA512
  
  49ed40619937f22922562c325ce0e679e295b75ec6297ffc2fe106fa63c882905153a854a70a1310e279842d1508ca028b0bcaf9b78b739aadcc411202cdc2f6
Score

10^/10

qakbot spx91 1586264831 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2