Overview

overview

10

Static

static

fc747fd7a6...09.dll

windows7_x64

10

fc747fd7a6...09.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc747fd7a692f1e158278aed49dad6111ea87f141e9d900c8f027fbd7ca6f109

  • Size

    2.4MB

  • Sample

    220319-kqtnzaegck

  • MD5

    76442c33a207e181eabf4727e7f358bf

  • SHA1

    d32a2d1d407c051a8e150aa1e93b30731a7681e9

  • SHA256

    fc747fd7a692f1e158278aed49dad6111ea87f141e9d900c8f027fbd7ca6f109

  • SHA512

    2de0b4f54b4b97005907cfdc5bdd1d8c1a400bb1187f3f2bfc199efa0c555348ed8a3eb8c6b69eed5742b55c1209a2fd1d350f6e2685672ee93a24c74194300a

Score
10/10
qakbotabc1171608719407bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

401.157

Botnet

abc117

Campaign

1608719407

C2

41.39.134.183:443

113.193.187.2:995

90.188.91.57:995

176.181.247.197:443

78.191.87.198:20

83.110.241.182:443

93.149.167.254:2222

76.111.128.194:443

32.212.117.188:443

72.36.59.46:2222

68.186.192.69:443

94.98.248.152:443

105.226.38.36:443

92.154.83.96:2222

37.210.255.225:995

74.195.52.3:443

73.166.10.38:443

95.77.223.148:443

80.227.5.70:443

91.104.104.63:995

Targets

    • Target

      fc747fd7a692f1e158278aed49dad6111ea87f141e9d900c8f027fbd7ca6f109

    • Size

      2.4MB

    • MD5

      76442c33a207e181eabf4727e7f358bf

    • SHA1

      d32a2d1d407c051a8e150aa1e93b30731a7681e9

    • SHA256

      fc747fd7a692f1e158278aed49dad6111ea87f141e9d900c8f027fbd7ca6f109

    • SHA512

      2de0b4f54b4b97005907cfdc5bdd1d8c1a400bb1187f3f2bfc199efa0c555348ed8a3eb8c6b69eed5742b55c1209a2fd1d350f6e2685672ee93a24c74194300a

    Score
    10/10
    qakbotabc1171608719407bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks