qakbot | c3b57d4ac9cc20b28ec084ef28b4e6d118a15447c1c300c7b785ee2fa78b4c5b

General

Target

c3b57d4ac9cc20b28ec084ef28b4e6d118a15447c1c300c7b785ee2fa78b4c5b
Size

1.1MB
Sample

220417-rr7esafhgp
MD5

b443fb16ad7ea0ed3b3a26f92841c951
SHA1

63954ecccdfc153a57921a1496bc34e07ed8d637
SHA256

c3b57d4ac9cc20b28ec084ef28b4e6d118a15447c1c300c7b785ee2fa78b4c5b
SHA512

439e418b097e4ef2f4cf04ceac2f56acfec179c84696d6559a2c5df63e9e6150943ad5c3a5e875603f4e67dd89c5f022c701d5085118d58098b8886b384a6c53

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

325.43

Botnet

abc023

Campaign

1603362336

C2

207.246.75.201:443

93.86.1.140:995

78.96.199.79:443

185.246.9.69:995

80.14.209.42:2222

72.186.1.237:443

92.59.35.196:2222

45.32.154.10:443

74.129.26.119:443

186.6.196.12:443

5.13.69.214:443

80.240.26.178:443

203.198.96.200:443

108.31.15.10:995

86.98.89.139:2222

156.213.186.133:443

72.36.59.46:2222

5.193.181.221:2078

59.99.39.32:443

108.46.145.30:443

Targets

- Target
  
  c3b57d4ac9cc20b28ec084ef28b4e6d118a15447c1c300c7b785ee2fa78b4c5b
- Size
  
  1.1MB
- MD5
  
  b443fb16ad7ea0ed3b3a26f92841c951
- SHA1
  
  63954ecccdfc153a57921a1496bc34e07ed8d637
- SHA256
  
  c3b57d4ac9cc20b28ec084ef28b4e6d118a15447c1c300c7b785ee2fa78b4c5b
- SHA512
  
  439e418b097e4ef2f4cf04ceac2f56acfec179c84696d6559a2c5df63e9e6150943ad5c3a5e875603f4e67dd89c5f022c701d5085118d58098b8886b384a6c53
Score

10^/10

qakbot abc023 1603362336 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2