qakbot | 0dbd6d9cc6b7556f14ebc05f8c9346605a18da53d0262230807b4ad7738c8e62

General

Target

0dbd6d9cc6b7556f14ebc05f8c9346605a18da53d0262230807b4ad7738c8e62
Size

2.0MB
Sample

220205-x9qsmsefh9
MD5

f04258cfed1c15f32770bb0cd40a94a2
SHA1

33a8df629ccf3392c615d76e0b9ce12517ae597b
SHA256

0dbd6d9cc6b7556f14ebc05f8c9346605a18da53d0262230807b4ad7738c8e62
SHA512

a88be500b00842673ebcb22fc7048866e9d7d537d40a8c5ca2a82db2cdf357c3e38f97247a645914e3d59a2b4986813417b2ebc9343c755b00ffcf77ff2bda9e

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.127

Botnet

spx106

Campaign

1588083274

C2

5.2.149.216:443

5.182.39.156:443

156.222.184.101:995

208.126.142.17:443

108.21.54.174:443

74.129.26.223:443

72.204.242.138:443

87.65.204.240:995

136.228.103.44:443

92.114.85.210:995

184.180.157.203:2222

72.142.106.198:995

151.205.102.42:443

172.78.181.79:443

72.181.15.240:443

186.29.97.27:443

98.243.187.85:443

137.99.224.198:443

108.21.107.203:443

97.81.255.189:443

Targets

- Target
  
  0dbd6d9cc6b7556f14ebc05f8c9346605a18da53d0262230807b4ad7738c8e62
- Size
  
  2.0MB
- MD5
  
  f04258cfed1c15f32770bb0cd40a94a2
- SHA1
  
  33a8df629ccf3392c615d76e0b9ce12517ae597b
- SHA256
  
  0dbd6d9cc6b7556f14ebc05f8c9346605a18da53d0262230807b4ad7738c8e62
- SHA512
  
  a88be500b00842673ebcb22fc7048866e9d7d537d40a8c5ca2a82db2cdf357c3e38f97247a645914e3d59a2b4986813417b2ebc9343c755b00ffcf77ff2bda9e
Score

10^/10

qakbot spx106 1588083274 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2