qakbot | fae3a4ec87cc7f10286ed3877540a5a3de90a77400b52bc3e91a26a8204db309

General

Target

fae3a4ec87cc7f10286ed3877540a5a3de90a77400b52bc3e91a26a8204db309
Size

991KB
Sample

220810-vfegeaeff2
MD5

abef3d50aa29812cd8fb7ba18279c9e9
SHA1

734d5fe16bb8570b755c0e44d48fb5e6f0d59fc6
SHA256

fae3a4ec87cc7f10286ed3877540a5a3de90a77400b52bc3e91a26a8204db309
SHA512

d007749632e510f11cbb5aebf6507a48ffc555729fcdf83c114008b8cf3b160780a0dbf5022a1dabc0fe608e6c0686528fa64f16e6e8bc31f06d0857129cb4a4

Score

10^/10

qakbot tr 1635953596 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

402.388

Botnet

tr

Campaign

1635953596

C2

190.73.3.148:2222

109.177.30.138:995

181.99.138.132:465

109.228.255.59:443

94.200.181.154:443

103.150.40.76:995

216.238.71.31:443

216.238.72.121:443

216.238.72.121:995

216.238.71.31:995

177.172.5.228:995

201.172.31.95:80

67.165.206.193:993

50.194.160.233:32100

92.59.35.196:2222

89.101.97.139:443

176.35.109.202:2222

140.82.49.12:443

109.133.93.127:995

71.13.93.154:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  fae3a4ec87cc7f10286ed3877540a5a3de90a77400b52bc3e91a26a8204db309
- Size
  
  991KB
- MD5
  
  abef3d50aa29812cd8fb7ba18279c9e9
- SHA1
  
  734d5fe16bb8570b755c0e44d48fb5e6f0d59fc6
- SHA256
  
  fae3a4ec87cc7f10286ed3877540a5a3de90a77400b52bc3e91a26a8204db309
- SHA512
  
  d007749632e510f11cbb5aebf6507a48ffc555729fcdf83c114008b8cf3b160780a0dbf5022a1dabc0fe608e6c0686528fa64f16e6e8bc31f06d0857129cb4a4
Score

10^/10

qakbot tr 1635953596 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2