qakbot | 00b85fd88fe6b4effb5b35d04410ff130daee92f0ec7a4fad4346119b0dde868 | Triage

Sharing

General

Target

00b85fd88fe6b4effb5b35d04410ff130daee92f0ec7a4fad4346119b0dde868
Size

2.1MB
Sample

220309-s3aqmacgfq
MD5

600a7cdec7db29130d2a67d94c491f3a
SHA1

1c78c1f17a7c66007f09bff629df682f78254c02
SHA256

00b85fd88fe6b4effb5b35d04410ff130daee92f0ec7a4fad4346119b0dde868
SHA512

c60e809e15a8ee944a51adea79b76b406b48a41d446647cda9ddec975bebe7f1ab8e3820a1cccbc4f86a6447c9ba645b085e6de8c119e99ec51c72d1e73c2a80

Score

10^/10

qakbot abc107 1607078484 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

401.62

Botnet

abc107

Campaign

1607078484

C2

32.212.117.188:443

109.205.204.229:2222

72.36.59.46:2222

173.18.126.193:2222

96.225.88.23:443

89.137.211.239:443

110.142.205.182:443

82.76.47.211:443

193.83.25.177:995

67.40.253.209:995

73.244.83.199:443

2.90.186.243:995

189.252.62.238:995

141.237.135.194:443

82.78.70.128:443

185.125.151.172:443

79.117.239.22:2222

86.189.252.131:2222

83.114.243.80:2222

2.50.56.81:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Extracted

Family

qakbot

Attributes

salt
��`

Targets

- Target
  
  00b85fd88fe6b4effb5b35d04410ff130daee92f0ec7a4fad4346119b0dde868
- Size
  
  2.1MB
- MD5
  
  600a7cdec7db29130d2a67d94c491f3a
- SHA1
  
  1c78c1f17a7c66007f09bff629df682f78254c02
- SHA256
  
  00b85fd88fe6b4effb5b35d04410ff130daee92f0ec7a4fad4346119b0dde868
- SHA512
  
  c60e809e15a8ee944a51adea79b76b406b48a41d446647cda9ddec975bebe7f1ab8e3820a1cccbc4f86a6447c9ba645b085e6de8c119e99ec51c72d1e73c2a80
Score

10^/10

qakbot abc107 1607078484 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotabc1071607078484bankerstealertrojan

behavioral2

qakbotabc1071607078484bankerstealertrojan