Overview

overview

10

Static

static

NONAME.dll

windows7_x64

10

NONAME.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NONAME.bin

  • Size

    414KB

  • Sample

    220707-rxz8nahcbr

  • MD5

    e747ef80ae48c7cc262294986dd5e0cf

  • SHA1

    a3a8b48bb43ff885f0f3869f58964d1234fc2ac3

  • SHA256

    4dce74faffdd55d04b9efd59e74cac4263da0276ae5a6eeb1bb5eae8162a2099

  • SHA512

    33992afa976e0d5b61c2e95a59e364ca87d00c8da979e619662988b11c9fd6ca373831a31880602f4083978df37d83646bf70aeb2ee3c9c93ecb42cc24915509

Score
10/10
qakbotobama1941656313665bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

obama194

Campaign

1656313665

C2

70.46.220.114:443

32.221.224.140:995

67.209.195.198:443

186.90.153.162:2222

148.64.96.100:443

67.165.206.193:993

86.200.151.188:2222

80.11.74.81:2222

173.174.216.62:443

45.241.173.232:993

41.228.22.180:443

1.161.81.21:995

24.178.196.158:2222

37.34.253.233:443

93.48.80.198:995

129.208.158.180:995

120.150.218.241:995

38.70.253.226:2222

111.125.245.116:995

47.23.89.60:993
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      NONAME.bin

    • Size

      414KB

    • MD5

      e747ef80ae48c7cc262294986dd5e0cf

    • SHA1

      a3a8b48bb43ff885f0f3869f58964d1234fc2ac3

    • SHA256

      4dce74faffdd55d04b9efd59e74cac4263da0276ae5a6eeb1bb5eae8162a2099

    • SHA512

      33992afa976e0d5b61c2e95a59e364ca87d00c8da979e619662988b11c9fd6ca373831a31880602f4083978df37d83646bf70aeb2ee3c9c93ecb42cc24915509

    Score
    10/10
    qakbotobama1941656313665bankerstealertrojan

    • Qakbot/Qbot

      Qbot or Qakbot is a sophisticated worm with banking capabilities.

      trojanbankerstealerqakbot

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks