qakbot | 40a4f7184aee555b871823a677a8ac7278856f735f8fd0080322f8c67e8be4f2

General

Target

40a4f7184aee555b871823a677a8ac7278856f735f8fd0080322f8c67e8be4f2
Size

2.0MB
Sample

220205-t1kngsdcd2
MD5

e5607c54c026676782b24856d4214d58
SHA1

a0e576281fa43368f48a93b6009f4329ed35aa34
SHA256

40a4f7184aee555b871823a677a8ac7278856f735f8fd0080322f8c67e8be4f2
SHA512

c7317c8caf82a0cebf63ad70f0095aeb6d884b93495f9b2c576dc4d8672ffb2c88ef0be4ae8d8c187bbc0476179598a95452a9c52b45b1ef9a493be94c376a13

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.127

Botnet

spx105

Campaign

1587988969

C2

24.184.5.251:2222

184.98.104.7:995

97.127.144.203:2222

121.74.205.27:995

75.87.161.32:995

24.201.79.208:2078

86.125.208.132:443

84.247.55.190:443

94.53.119.108:443

58.177.238.186:443

71.77.231.251:443

89.137.208.171:443

5.107.186.224:2222

72.183.129.56:443

71.220.191.200:443

68.82.125.234:443

172.113.74.96:443

70.95.94.91:2222

86.127.12.161:21

216.16.178.115:443

Targets

- Target
  
  40a4f7184aee555b871823a677a8ac7278856f735f8fd0080322f8c67e8be4f2
- Size
  
  2.0MB
- MD5
  
  e5607c54c026676782b24856d4214d58
- SHA1
  
  a0e576281fa43368f48a93b6009f4329ed35aa34
- SHA256
  
  40a4f7184aee555b871823a677a8ac7278856f735f8fd0080322f8c67e8be4f2
- SHA512
  
  c7317c8caf82a0cebf63ad70f0095aeb6d884b93495f9b2c576dc4d8672ffb2c88ef0be4ae8d8c187bbc0476179598a95452a9c52b45b1ef9a493be94c376a13
Score

10^/10

qakbot spx105 1587988969 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2