qakbot | 65202cb571878d19f98a533414c0fa1d88d2a758eead9cbc15bf1cf22e7eaf21

General

Target

7367716174.zip
Size

604KB
Sample

220428-smrzzahde3
MD5

e3553ba45574f3fd7d9390cacfdd835f
SHA1

3c78ecf3a2bcf77e3be9e9f4d59597d14110da20
SHA256

65202cb571878d19f98a533414c0fa1d88d2a758eead9cbc15bf1cf22e7eaf21
SHA512

a6f6440b182c11c8b6d1ce6516835401ffa74ac9d4b6e184b3373e873cc998bbe8dcfc07f26f265ffad498548e07c1058260ff250181166616a5798794293cac

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

obama180

Campaign

1650959141

C2

2.50.4.57:443

85.246.82.244:443

121.7.223.59:2222

197.161.137.67:993

38.70.253.226:2222

47.23.89.62:993

172.114.160.81:443

75.99.168.194:443

82.152.39.39:443

108.60.213.141:443

148.64.96.100:443

167.86.191.84:443

187.207.47.198:61202

103.107.113.120:443

203.122.46.130:443

106.51.48.170:50001

47.23.89.62:995

140.82.49.12:443

102.65.38.74:443

103.246.242.202:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  e1feb91993beaf2b36bf5ace03c436dade8f41c2028567d57bacd48e1efac6e6
- Size
  
  615KB
- MD5
  
  e34f5c3bba69bfb4c35d9aaf91882caf
- SHA1
  
  a33cb1826a0519a0da49796ba2c6d4d691a69b01
- SHA256
  
  e1feb91993beaf2b36bf5ace03c436dade8f41c2028567d57bacd48e1efac6e6
- SHA512
  
  104886cdb9aac4c22b370761476fedfc0e94c1cbbc3495e0ab65e6716f1979076e9bf783c21d81f1348f7c80474f3dcef0cdcb9c46668d38f993772f84f71428
Score

10^/10

qakbot obama180 1650959141 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2