Overview

overview

10

Static

static

1.dll

windows7_x64

10

1.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1.dll

  • Size

    1.0MB

  • Sample

    220623-sjhxwsdfel

  • MD5

    eb31be549bdbcf8d6c3b757884f53793

  • SHA1

    6c88fbb10e9c966713d3602c9200536d13f95540

  • SHA256

    77e6a51acde3aa1b073c2cd7f4379fe215d07cba78a17a7dfc66d331a9cddb3a

  • SHA512

    cbc56dae7c2d33f14bf6c450be7fd756531b191b8a0167945b2d9a2255701c4b364742c0ff863060ecce86a7f3dab2c39540c10c5b79846d4ac93fb423b3ca6e

Score
10/10
qakbotaa1655971687bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

AA

Campaign

1655971687

C2

38.70.253.226:2222

47.23.89.60:993

120.150.218.241:995

117.248.109.38:21

37.34.253.233:443

86.132.14.70:2078

111.125.245.116:995

217.165.85.191:993

176.45.232.204:995

5.32.41.45:443

93.48.80.198:995

100.38.242.113:995

94.59.252.166:2222

74.14.5.179:2222

71.13.93.154:2222

193.253.44.249:2222

108.60.213.141:443

45.241.231.78:993

217.128.122.65:2222

40.134.246.185:995
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      1.dll

    • Size

      1.0MB

    • MD5

      eb31be549bdbcf8d6c3b757884f53793

    • SHA1

      6c88fbb10e9c966713d3602c9200536d13f95540

    • SHA256

      77e6a51acde3aa1b073c2cd7f4379fe215d07cba78a17a7dfc66d331a9cddb3a

    • SHA512

      cbc56dae7c2d33f14bf6c450be7fd756531b191b8a0167945b2d9a2255701c4b364742c0ff863060ecce86a7f3dab2c39540c10c5b79846d4ac93fb423b3ca6e

    Score
    10/10
    qakbotaa1655971687bankerstealertrojan

    • Qakbot/Qbot

      Qbot or Qakbot is a sophisticated worm with banking capabilities.

      trojanbankerstealerqakbot

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks