qakbot | 15503ac0f26da424a237d2dff831b1272431858a55fd9dd453235f7d4e3329a2

General

Target

FVA6wPJtpCSiN9Lf_DGxJyQxhYpV-Z3UUyNffU4zKaI.bin
Size

472KB
Sample

220909-vx4smacebr
MD5

0b488aff160b95be4136c01bff7c319e
SHA1

30d89c576f76c8d4fe30c50ba366c3b925dcec50
SHA256

15503ac0f26da424a237d2dff831b1272431858a55fd9dd453235f7d4e3329a2
SHA512

78a6dd0edc18ec0b447b71712b37de2b5d4b852ee544082ed2dd52f2f3fcb54a53b69d5156cb9731ec6093b5741b27c28eb3f3109080f7047f898d2bb4cfc089
SSDEEP

6144:NwzbxIfuyyJRzNT2EP+jfOSHOJy1hrGSmn945nq/syCzScTQeXYltq4no7sxOUd5:oAyrP+DfhrGSACq/OSc8DltxETUJL7h

Score

10^/10

qakbot bb 1662650043 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.860

Botnet

BB

Campaign

1662650043

C2

191.97.234.238:995

81.131.161.131:2078

197.94.210.133:443

193.3.19.37:443

70.51.153.182:2222

99.232.140.205:2222

123.240.131.1:443

177.102.84.28:32101

105.156.152.227:443

190.59.247.136:995

89.211.218.88:2222

81.214.220.237:443

85.99.62.74:443

217.165.68.122:993

219.69.103.199:443

37.210.148.30:995

64.207.215.69:443

113.169.57.104:443

179.225.221.169:32101

151.234.94.35:990

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  FVA6wPJtpCSiN9Lf_DGxJyQxhYpV-Z3UUyNffU4zKaI.bin
- Size
  
  472KB
- MD5
  
  0b488aff160b95be4136c01bff7c319e
- SHA1
  
  30d89c576f76c8d4fe30c50ba366c3b925dcec50
- SHA256
  
  15503ac0f26da424a237d2dff831b1272431858a55fd9dd453235f7d4e3329a2
- SHA512
  
  78a6dd0edc18ec0b447b71712b37de2b5d4b852ee544082ed2dd52f2f3fcb54a53b69d5156cb9731ec6093b5741b27c28eb3f3109080f7047f898d2bb4cfc089
- SSDEEP
  
  6144:NwzbxIfuyyJRzNT2EP+jfOSHOJy1hrGSmn945nq/syCzScTQeXYltq4no7sxOUd5:oAyrP+DfhrGSACq/OSc8DltxETUJL7h
Score

10^/10

qakbot bb 1662650043 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2