qakbot | c39a093c9ab94ccb3a2488f53cf31b083c97303930b9d432c1b678c9bf4c7f4f

General

Target

c39a093c9ab94ccb3a2488f53cf31b083c97303930b9d432c1b678c9bf4c7f4f
Size

2.9MB
Sample

220324-lz1pbafdg6
MD5

6005c2b3c04d03539e666b89af287df5
SHA1

80dd1018d9552acd93dfdc88adf154ef7af21b73
SHA256

c39a093c9ab94ccb3a2488f53cf31b083c97303930b9d432c1b678c9bf4c7f4f
SHA512

fe4c4786e0479cb54e507a91a15de66ac700f2f0ecbb7fc9780623376d0675d28ac02b49fbf1fc8c1646b699d5a02b4b7586f15fc3b7d5cd1886f5bb8848988e

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

401.29

Botnet

abc101

Campaign

1606331967

C2

76.104.230.174:443

187.227.86.129:995

219.255.28.241:443

78.184.6.94:443

95.159.45.82:443

91.228.36.95:443

79.115.215.125:443

24.244.161.36:443

24.71.28.247:443

73.239.229.107:995

187.153.119.36:443

190.75.167.44:2222

83.110.111.159:443

174.76.21.134:443

75.109.180.221:443

85.122.141.42:995

156.222.6.246:995

188.24.183.193:443

88.106.237.152:2222

79.166.83.103:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  c39a093c9ab94ccb3a2488f53cf31b083c97303930b9d432c1b678c9bf4c7f4f
- Size
  
  2.9MB
- MD5
  
  6005c2b3c04d03539e666b89af287df5
- SHA1
  
  80dd1018d9552acd93dfdc88adf154ef7af21b73
- SHA256
  
  c39a093c9ab94ccb3a2488f53cf31b083c97303930b9d432c1b678c9bf4c7f4f
- SHA512
  
  fe4c4786e0479cb54e507a91a15de66ac700f2f0ecbb7fc9780623376d0675d28ac02b49fbf1fc8c1646b699d5a02b4b7586f15fc3b7d5cd1886f5bb8848988e
Score

10^/10

qakbot abc101 1606331967 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2