qakbot | 730fea742f1f085e886021c0b308c61ed45033bbcfc427c4a529c870675c4a18

General

Target

730fea742f1f085e886021c0b308c61ed45033bbcfc427c4a529c870675c4a18
Size

1.4MB
Sample

220609-m31ddsbfa9
MD5

8aa76f6b10b34ffde47abbf07af4fd6a
SHA1

353b6b26cce9f62944e0195ab3fc34178339266a
SHA256

730fea742f1f085e886021c0b308c61ed45033bbcfc427c4a529c870675c4a18
SHA512

6e970054fa72ee7e2508863eaae7eae5269f621893de386636fd28f59ec505a41acde2533d243fbdd73e2e7d7b2d5ff34b1ae86c3695fa5f95ea27bc18482201

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.694

Botnet

obama186

Campaign

1654596660

C2

67.165.206.193:993

63.143.92.99:995

74.14.5.179:2222

182.191.92.203:995

197.89.8.51:443

89.101.97.139:443

86.97.9.190:443

124.40.244.115:2222

80.11.74.81:2222

41.215.153.104:995

179.100.20.32:32101

31.35.28.29:443

202.134.152.2:2222

109.12.111.14:443

93.48.80.198:995

120.150.218.241:995

41.38.167.179:995

177.94.57.126:32101

173.174.216.62:443

1.161.101.20:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  730fea742f1f085e886021c0b308c61ed45033bbcfc427c4a529c870675c4a18
- Size
  
  1.4MB
- MD5
  
  8aa76f6b10b34ffde47abbf07af4fd6a
- SHA1
  
  353b6b26cce9f62944e0195ab3fc34178339266a
- SHA256
  
  730fea742f1f085e886021c0b308c61ed45033bbcfc427c4a529c870675c4a18
- SHA512
  
  6e970054fa72ee7e2508863eaae7eae5269f621893de386636fd28f59ec505a41acde2533d243fbdd73e2e7d7b2d5ff34b1ae86c3695fa5f95ea27bc18482201
Score

10^/10

qakbot obama186 1654596660 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2