qakbot | 620afd275ca028cab2bd314d4caa6d2741d6aa601882b2d6559ff2f5c8da69d1

General

Target

620afd275ca028cab2bd314d4caa6d2741d6aa601882b2d6559ff2f5c8da69d1
Size

2.3MB
Sample

220205-sey4bacgek
MD5

414e1018d33bfe42622adba6982926af
SHA1

774d2084cad809204518e242231d5cc7a12005d8
SHA256

620afd275ca028cab2bd314d4caa6d2741d6aa601882b2d6559ff2f5c8da69d1
SHA512

a91b51eebe7439bdf735131abdb32c51f6cacbc53ba37bba29f35ae81ffb859a70e75e4d6411070129452b531a9bf238b17771ec90485e9c758a6c87b241221b

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.127

Botnet

spx101

Campaign

1587470509

C2

98.213.28.175:443

89.38.74.46:443

75.81.25.223:995

72.16.57.99:443

173.3.132.17:995

24.229.245.124:995

67.165.206.193:995

66.25.168.167:2222

68.39.177.147:995

100.38.123.22:443

66.44.96.184:443

75.110.93.212:443

110.142.205.182:443

72.16.212.107:465

67.251.155.12:443

100.40.48.96:443

24.55.152.50:995

65.131.79.162:995

181.126.86.223:443

73.169.47.57:443

Targets

- Target
  
  620afd275ca028cab2bd314d4caa6d2741d6aa601882b2d6559ff2f5c8da69d1
- Size
  
  2.3MB
- MD5
  
  414e1018d33bfe42622adba6982926af
- SHA1
  
  774d2084cad809204518e242231d5cc7a12005d8
- SHA256
  
  620afd275ca028cab2bd314d4caa6d2741d6aa601882b2d6559ff2f5c8da69d1
- SHA512
  
  a91b51eebe7439bdf735131abdb32c51f6cacbc53ba37bba29f35ae81ffb859a70e75e4d6411070129452b531a9bf238b17771ec90485e9c758a6c87b241221b
Score

10^/10

qakbot spx101 1587470509 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2