qakbot | 263018d274b66a6c4b70387be645ae164ea833de8a2505b76eb90b3899bfe917 | Triage

Sharing

General

Target

263018d274b66a6c4b70387be645ae164ea833de8a2505b76eb90b3899bfe917
Size

600KB
Sample

220320-g3br5saaa4
MD5

91e8fcdf6706c6afa6541aa71ff62016
SHA1

b2df07d1ed4a2345768da9c42768d1e9edfcbb52
SHA256

263018d274b66a6c4b70387be645ae164ea833de8a2505b76eb90b3899bfe917
SHA512

7e9b55d43aa533b8b7780a1fce53985fcd76295d88e69c82dad185f3482c224301745d397f1d9e1cdde0702cb6f803227cf0b313e44c0f271944a5af4d07e873

Score

10^/10

qakbot abc114 1608108680 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

abc114

Campaign

1608108680

C2

89.240.164.40:2222

80.195.103.146:2222

39.32.147.77:995

95.76.27.6:443

24.138.75.11:443

124.29.232.108:443

2.51.240.250:995

79.129.252.62:2222

5.193.148.126:2078

84.247.55.190:8443

2.50.159.19:2222

37.105.7.219:995

196.204.207.111:443

184.179.14.130:22

203.106.116.190:443

155.186.9.160:443

202.141.225.158:443

172.87.157.235:3389

81.133.234.36:2222

2.91.9.248:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  263018d274b66a6c4b70387be645ae164ea833de8a2505b76eb90b3899bfe917
- Size
  
  600KB
- MD5
  
  91e8fcdf6706c6afa6541aa71ff62016
- SHA1
  
  b2df07d1ed4a2345768da9c42768d1e9edfcbb52
- SHA256
  
  263018d274b66a6c4b70387be645ae164ea833de8a2505b76eb90b3899bfe917
- SHA512
  
  7e9b55d43aa533b8b7780a1fce53985fcd76295d88e69c82dad185f3482c224301745d397f1d9e1cdde0702cb6f803227cf0b313e44c0f271944a5af4d07e873
Score

10^/10

qakbot abc114 1608108680 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qakbotabc1141608108680bankerstealertrojan

behavioral2

qakbotabc1141608108680bankerstealertrojan