qakbot | fce49100872fb07dea83d417a95574304dcfdfc835034739af1a50a752b8594a

General

Target

_Rsr.dll
Size

399KB
Sample

220912-td2ngshchl
MD5

416a95274ef9248e08d88d5e2abe6971
SHA1

03ac095d3a7bedad7b5c4aa1ea02c77be9fa86cb
SHA256

fce49100872fb07dea83d417a95574304dcfdfc835034739af1a50a752b8594a
SHA512

849efaca1e00e21fb1201265cf88243f6ab6f11b887bacf395ea115ba2a5d5da26fe6efe48ba6bf0534c45e5306ea844f166bab79bb4c4597a5870a36e5f481c
SSDEEP

12288:Iszlp6XPvegFvr1rOl7OwLT7H5DOrC/Wg2t5rJgq:Iszlp0Pv/vr8xff1DOGb2t5iq

Score

10^/10

qakbot bb 1662992461 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.868

Botnet

BB

Campaign

1662992461

C2

41.97.64.224:443

191.97.234.238:995

89.211.219.157:2222

193.3.19.37:443

70.51.137.118:2222

99.232.140.205:2222

175.110.231.67:443

196.92.172.24:8443

179.111.111.88:32101

134.35.11.110:443

84.38.133.191:443

102.188.100.131:995

197.94.210.133:443

200.161.62.126:32101

194.49.79.231:443

41.248.89.135:443

81.131.161.131:2078

86.98.156.176:993

37.210.148.30:995

81.214.220.237:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  _Rsr.dll
- Size
  
  399KB
- MD5
  
  416a95274ef9248e08d88d5e2abe6971
- SHA1
  
  03ac095d3a7bedad7b5c4aa1ea02c77be9fa86cb
- SHA256
  
  fce49100872fb07dea83d417a95574304dcfdfc835034739af1a50a752b8594a
- SHA512
  
  849efaca1e00e21fb1201265cf88243f6ab6f11b887bacf395ea115ba2a5d5da26fe6efe48ba6bf0534c45e5306ea844f166bab79bb4c4597a5870a36e5f481c
- SSDEEP
  
  12288:Iszlp6XPvegFvr1rOl7OwLT7H5DOrC/Wg2t5rJgq:Iszlp0Pv/vr8xff1DOGb2t5iq
Score

10^/10

qakbot bb 1662992461 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2