General

  • Target

    7736356120.zip

  • Size

    644KB

  • Sample

    220713-2p9r8sbhgk

  • MD5

    b20eebe7b16cca711157ae1c22b6fa66

  • SHA1

    6b11f27fa642ccc6ded83161cdaea593401b85a9

  • SHA256

    d8d3a7b073ccf33ba301011c49f5ab3d2507904fd6aa5b13ba4efd400d57873a

  • SHA512

    452f2151b4af3be55916c9ad5b00ce722eac7562deb14bb68da72cdbc0b2b524bb7c32ddaff891456fe7b979568a1c686d3af98a945a735ba1e86611f95764c3

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

vip01

Campaign

1657721813

C2

67.209.195.198:443

63.143.92.99:995

148.64.96.100:443

72.252.157.93:990

72.252.157.93:995

89.101.97.139:443

76.25.142.196:443

47.180.172.159:443

67.165.206.193:993

32.221.224.140:995

70.46.220.114:443

176.45.218.138:995

174.69.215.101:443

24.54.48.11:443

86.97.10.37:443

81.158.239.251:2078

37.34.253.233:443

120.150.218.241:995

186.90.153.162:2222

38.70.253.226:2222

Attributes

  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2
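The extracted config above is the actionable part of this report. The Python below is an added example, not part of the sandbox's own tooling: it parses the Family/Version/Botnet/Campaign/C2 layout exactly as it appears on this page, decodes the campaign ID (Qakbot uses a Unix timestamp, which here agrees with the 220713 sample date) and checks firewall log lines against the C2 list. The IP:port pairs are the ones listed above; the `src= dst= dport=` log format and the log lines themselves are constructed for the example.

```python
"""Turn the extracted Qakbot config into indicators and match them over log lines.

Added example. The C2 list and campaign value are copied from the page; the log
format and SAMPLE_LOGS are constructed and not from the sandbox report.
"""
import ipaddress
import re
from datetime import datetime, timezone

# Extracted config, copied from the Malware Config section of this page.
EXTRACTED_CONFIG = """\
Family
qakbot
Version
403.780
Botnet
vip01
Campaign
1657721813
C2
67.209.195.198:443
63.143.92.99:995
148.64.96.100:443
72.252.157.93:990
72.252.157.93:995
89.101.97.139:443
76.25.142.196:443
47.180.172.159:443
67.165.206.193:993
32.221.224.140:995
70.46.220.114:443
176.45.218.138:995
174.69.215.101:443
24.54.48.11:443
86.97.10.37:443
81.158.239.251:2078
37.34.253.233:443
120.150.218.241:995
186.90.153.162:2222
38.70.253.226:2222
"""

_SCALAR_KEYS = ("Family", "Version", "Botnet", "Campaign")
_C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


def parse_config(text):
    """Parse the key/value layout above; C2 entries become (ip, port) tuples."""
    cfg = {"c2": []}
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in _SCALAR_KEYS or line == "C2":
            key = line.lower()          # next line(s) belong to this key
            continue
        if key == "c2":
            m = _C2_RE.match(line)
            if not m:
                raise ValueError(f"unexpected C2 line: {line!r}")
            ip, port = m.groups()
            ipaddress.ip_address(ip)    # rejects malformed octets such as 999.1.1.1
            cfg["c2"].append((ip, int(port)))
        elif key:
            cfg[key] = line             # scalar keys take exactly one value
            key = None
    cfg["campaign"] = int(cfg["campaign"])
    return cfg


def campaign_time(cfg):
    """The campaign ID is a Unix timestamp; decode it to a UTC datetime."""
    return datetime.fromtimestamp(cfg["campaign"], tz=timezone.utc)


# Constructed firewall log lines (assumed key=value format, not from the page).
# 203.0.113.10 is an RFC 5737 documentation address standing in for benign traffic.
SAMPLE_LOGS = [
    "2022-07-13T15:02:11Z src=10.0.5.21 dst=72.252.157.93 dport=990 action=allow",
    "2022-07-13T15:02:40Z src=10.0.5.21 dst=203.0.113.10 dport=443 action=allow",
    "2022-07-13T15:03:02Z src=10.0.7.4 dst=186.90.153.162 dport=2222 action=allow",
    "2022-07-13T15:04:19Z src=10.0.5.21 dst=148.64.96.100 dport=8443 action=deny",
]

_LOG_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")


def match_logs(cfg, lines):
    """Return hits against the C2 list.

    A hit records whether ip:port matched exactly; ip-only matches are kept too,
    since the list above already shows one host (72.252.157.93) on two ports.
    """
    by_ip = {}
    for ip, port in cfg["c2"]:
        by_ip.setdefault(ip, set()).add(port)
    hits = []
    for line in lines:
        m = _LOG_RE.search(line)
        if not m:
            continue
        dst, dport = m["dst"], int(m["dport"])
        if dst in by_ip:
            hits.append({"src": m["src"], "dst": dst, "dport": dport,
                         "exact": dport in by_ip[dst]})
    return hits


if __name__ == "__main__":
    cfg = parse_config(EXTRACTED_CONFIG)
    print(cfg["family"], cfg["version"], cfg["botnet"], campaign_time(cfg).isoformat())
    for hit in match_logs(cfg, SAMPLE_LOGS):
        print(hit)
```

Two practical points follow from the list itself: several C2 entries use 990, 993, 995, 2078 and 2222 rather than 443, so egress to those ports from user workstations is worth alerting on regardless of destination, and because the same host appears on more than one port, blocking should be keyed on the IP rather than the exact ip:port pair.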

Targets

    • Target

      362e56855844fb2be3dfae4b566ab676f6ec681fad1c1a2e8eb6d245d56b83f5

    • Size

      676KB

    • MD5

      a0d132cdc67c29abf79ecf455c4a4e25

    • SHA1

      2b278de35e52d695b27e1c880d35db04daa982bf

    • SHA256

      362e56855844fb2be3dfae4b566ab676f6ec681fad1c1a2e8eb6d245d56b83f5

    • SHA512

      645d2e3a168667de44d04756f48fe1d7d6581efc0755dccd72f6e09e603300783777b3b3376bb0d2bfab4c1ad3d239845eb606acffc3ea4ea4261d451c427ddf

    • Qakbot/Qbot

      Qakbot (also Qbot) is a banking trojan that also spreads laterally like a worm and is used to load follow-on payloads.

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks