qakbot | a3af7cbd3e8221ce0fd4134d407b08d2a1fb203221df99354502a64f833f9736

General

Target

a3af7cbd3e8221ce0fd4134d407b08d2a1fb203221df99354502a64f833f9736
Size

1.4MB
Sample

220608-dhcbdsaeb7
MD5

c56c54567febdf25c68909013b7b6137
SHA1

d27b6b38b7fe02dd8cd1da41af77200cc2e78de1
SHA256

a3af7cbd3e8221ce0fd4134d407b08d2a1fb203221df99354502a64f833f9736
SHA512

64324f4fbf31a4140b3ed966171079ecf823c8df8ae59f04e083744ab35230625a095ac3bb37c693cdd10844b4f7db60aaece5ede6e9eba48d6f1b9208780f5c

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.694

Botnet

obama186

Campaign

1654596660

C2

67.165.206.193:993

63.143.92.99:995

74.14.5.179:2222

182.191.92.203:995

197.89.8.51:443

89.101.97.139:443

86.97.9.190:443

124.40.244.115:2222

80.11.74.81:2222

41.215.153.104:995

179.100.20.32:32101

31.35.28.29:443

202.134.152.2:2222

109.12.111.14:443

93.48.80.198:995

120.150.218.241:995

41.38.167.179:995

177.94.57.126:32101

173.174.216.62:443

1.161.101.20:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  a3af7cbd3e8221ce0fd4134d407b08d2a1fb203221df99354502a64f833f9736
- Size
  
  1.4MB
- MD5
  
  c56c54567febdf25c68909013b7b6137
- SHA1
  
  d27b6b38b7fe02dd8cd1da41af77200cc2e78de1
- SHA256
  
  a3af7cbd3e8221ce0fd4134d407b08d2a1fb203221df99354502a64f833f9736
- SHA512
  
  64324f4fbf31a4140b3ed966171079ecf823c8df8ae59f04e083744ab35230625a095ac3bb37c693cdd10844b4f7db60aaece5ede6e9eba48d6f1b9208780f5c
Score

10^/10

qakbot obama186 1654596660 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2