qakbot | 8c4c7919651ba121f4bc6e76831f267d6cfbe1a1fec13c1fc2b3990669e8de23

General

Target

8c4c7919651ba121f4bc6e76831f267d6cfbe1a1fec13c1fc2b3990669e8de23
Size

1.0MB
Sample

220620-2yznmaehb9
MD5

9d910f6b50a32e633050444f97f001b5
SHA1

d6130b08cd7db4aecad26009a3b56a4423d18d65
SHA256

8c4c7919651ba121f4bc6e76831f267d6cfbe1a1fec13c1fc2b3990669e8de23
SHA512

3600893bbbd581ce68ff34bbbcdfc29469044b46d689e6877f68988abb49c9808a5bd6072deff98484a7b202ef38cdc39b270dfd19a19a4cae8d8ef9639988fa

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.688

Botnet

obama189

Campaign

1655107308

C2

91.177.173.10:995

117.248.109.38:21

182.191.92.203:995

39.52.38.164:995

217.165.84.253:993

84.241.8.23:32103

82.152.39.39:443

202.134.152.2:2222

122.118.131.132:995

120.150.218.241:995

222.169.71.98:2222

37.34.253.233:443

93.48.80.198:995

148.0.55.173:443

175.145.235.37:443

41.130.140.32:993

120.61.0.71:443

89.101.97.139:443

62.204.41.187:443

62.204.41.187:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  8c4c7919651ba121f4bc6e76831f267d6cfbe1a1fec13c1fc2b3990669e8de23
- Size
  
  1.0MB
- MD5
  
  9d910f6b50a32e633050444f97f001b5
- SHA1
  
  d6130b08cd7db4aecad26009a3b56a4423d18d65
- SHA256
  
  8c4c7919651ba121f4bc6e76831f267d6cfbe1a1fec13c1fc2b3990669e8de23
- SHA512
  
  3600893bbbd581ce68ff34bbbcdfc29469044b46d689e6877f68988abb49c9808a5bd6072deff98484a7b202ef38cdc39b270dfd19a19a4cae8d8ef9639988fa
Score

10^/10

qakbot obama189 1655107308 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2