qakbot | 271b603ea3385658714d6ce69e5f663b932b742392153f3f632925a19b72bffa | Triage

Sharing

General

Target

271b603ea3385658714d6ce69e5f663b932b742392153f3f632925a19b72bffa
Size

228KB
Sample

220213-16e4hsbfa6
MD5

8fe06adffced2001f76916c80d9db76e
SHA1

737b85b1567098cbc3a218ed99d55752fe142ac1
SHA256

271b603ea3385658714d6ce69e5f663b932b742392153f3f632925a19b72bffa
SHA512

05a050728192859ed9c9aca4d2668cb40bfc215cb1247994e9deb373c38ba73dc1ca28e2e2996d2db397616c4e85c51834d0218388b73563c7fa4b4194c59c95

Score

10^/10

qakbot notset 1618398961 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

402.12

Botnet

notset

Campaign

1618398961

C2

47.196.192.184:443

216.201.162.158:443

136.232.34.70:443

71.41.184.10:3389

140.82.49.12:443

45.63.107.192:2222

45.63.107.192:443

149.28.98.196:443

45.32.211.207:443

144.202.38.185:443

45.77.115.208:2222

45.77.115.208:8443

207.246.116.237:995

45.77.117.108:443

149.28.99.97:443

149.28.99.97:995

149.28.98.196:995

45.32.211.207:995

45.32.211.207:2222

149.28.98.196:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  271b603ea3385658714d6ce69e5f663b932b742392153f3f632925a19b72bffa
- Size
  
  228KB
- MD5
  
  8fe06adffced2001f76916c80d9db76e
- SHA1
  
  737b85b1567098cbc3a218ed99d55752fe142ac1
- SHA256
  
  271b603ea3385658714d6ce69e5f663b932b742392153f3f632925a19b72bffa
- SHA512
  
  05a050728192859ed9c9aca4d2668cb40bfc215cb1247994e9deb373c38ba73dc1ca28e2e2996d2db397616c4e85c51834d0218388b73563c7fa4b4194c59c95
Score

10^/10

qakbot notset 1618398961 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

notset1618398961qakbot

behavioral1

qakbotnotset1618398961bankerstealertrojan

behavioral2

qakbotnotset1618398961bankerstealertrojan