qakbot | 702f91141f3e0694a86f0d1394d3acc46198c578440ff739b2a19bd7aaa2991a

General

Target

702f91141f3e0694a86f0d1394d3acc46198c578440ff739b2a19bd7aaa2991a
Size

2.1MB
Sample

220205-rs4qaacbh8
MD5

99734c62fa821ffa475ca5be7bd9b257
SHA1

a9cfb457ab1c9b6a6741ea7d73169f3a8b42022f
SHA256

702f91141f3e0694a86f0d1394d3acc46198c578440ff739b2a19bd7aaa2991a
SHA512

845fff17f8c53c71e5cb1859d13bc01a7b2130f8d639c126ca4d18197d4d55829d3814158bfe79a56470f038b2b7dbd3326b086cedb437395a61736a741a2fcd

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.75

Botnet

spx91

Campaign

1586277222

C2

76.180.69.236:443

216.16.178.115:443

75.183.171.155:3389

72.80.137.215:443

100.33.132.135:443

70.62.160.186:6883

68.41.60.225:443

100.40.48.96:443

47.41.3.40:443

98.164.253.75:443

78.96.148.177:443

73.192.209.168:443

64.19.74.29:995

93.114.89.119:995

73.60.148.209:443

66.26.160.37:443

47.39.76.74:443

97.96.51.117:443

5.13.221.230:443

68.174.9.179:443

Targets

- Target
  
  702f91141f3e0694a86f0d1394d3acc46198c578440ff739b2a19bd7aaa2991a
- Size
  
  2.1MB
- MD5
  
  99734c62fa821ffa475ca5be7bd9b257
- SHA1
  
  a9cfb457ab1c9b6a6741ea7d73169f3a8b42022f
- SHA256
  
  702f91141f3e0694a86f0d1394d3acc46198c578440ff739b2a19bd7aaa2991a
- SHA512
  
  845fff17f8c53c71e5cb1859d13bc01a7b2130f8d639c126ca4d18197d4d55829d3814158bfe79a56470f038b2b7dbd3326b086cedb437395a61736a741a2fcd
Score

10^/10

qakbot spx91 1586277222 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2