qakbot | 88ef04f9d6e4842f60c93dfa0f9dc4bc81dafcfa8eb500da8515a95e998a1e8c

General

Target

88ef04f9d6e4842f60c93dfa0f9dc4bc81dafcfa8eb500da8515a95e998a1e8c
Size

2.1MB
Sample

220205-qjlbxabhhl
MD5

2e7e8eebea2732157632086bfb5c32fe
SHA1

94f995923a29fdb09f6927cf439a1f0c2aeb35a0
SHA256

88ef04f9d6e4842f60c93dfa0f9dc4bc81dafcfa8eb500da8515a95e998a1e8c
SHA512

8f43d83d7741e52178ef17c90170568fd7ff9aed483b5710fd3d169a557126ca9d11aa3be5403e0ba2e7c1d3701bb5065c348e8d59910a9fa73bc5025e56d013

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.75

Botnet

spx91

Campaign

1586277222

C2

76.180.69.236:443

216.16.178.115:443

75.183.171.155:3389

72.80.137.215:443

100.33.132.135:443

70.62.160.186:6883

68.41.60.225:443

100.40.48.96:443

47.41.3.40:443

98.164.253.75:443

78.96.148.177:443

73.192.209.168:443

64.19.74.29:995

93.114.89.119:995

73.60.148.209:443

66.26.160.37:443

47.39.76.74:443

97.96.51.117:443

5.13.221.230:443

68.174.9.179:443

Targets

- Target
  
  88ef04f9d6e4842f60c93dfa0f9dc4bc81dafcfa8eb500da8515a95e998a1e8c
- Size
  
  2.1MB
- MD5
  
  2e7e8eebea2732157632086bfb5c32fe
- SHA1
  
  94f995923a29fdb09f6927cf439a1f0c2aeb35a0
- SHA256
  
  88ef04f9d6e4842f60c93dfa0f9dc4bc81dafcfa8eb500da8515a95e998a1e8c
- SHA512
  
  8f43d83d7741e52178ef17c90170568fd7ff9aed483b5710fd3d169a557126ca9d11aa3be5403e0ba2e7c1d3701bb5065c348e8d59910a9fa73bc5025e56d013
Score

10^/10

qakbot spx91 1586277222 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2