qakbot | 42ad1e843f44a725a6666d3d27f10caaa2252a05e1bc0b9c3c315496728f9f25

General

Target

MARGINALITY.DB
Size

703KB
Sample

220921-vbv9csgga7
MD5

069fbff5bbfa4dd3295442b26893c6bb
SHA1

1ef32f07ffb2f1cf5198203b7d263fd74d50939b
SHA256

42ad1e843f44a725a6666d3d27f10caaa2252a05e1bc0b9c3c315496728f9f25
SHA512

4c54c38d2f7a3fdcc154747d71db2a4871131e3a632eb5ede959f03370af9ba651825ed2a4318553ec0feeb82da1389cf15c4e74390d44edc72ddc01ea1eaa69
SSDEEP

12288:10cDgZApguXaZhjxA8DPG+WAHlKHnhMIEe5UT+QD1lNMABa:6w76Za8Gy8HnP5w9Mqa

Score

10^/10

qakbot bb 1663698873 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1663698873

C2

173.218.180.91:443

134.35.13.43:443

197.94.84.128:443

70.51.132.197:2222

181.118.183.123:443

189.19.189.222:32101

41.111.1.60:995

70.49.33.200:2222

99.232.140.205:2222

139.228.33.176:2222

193.3.19.37:443

41.99.57.155:443

177.255.14.99:995

31.54.39.153:2078

191.97.234.238:995

105.159.30.48:443

217.165.146.41:993

119.82.111.158:443

66.181.164.43:443

88.245.168.200:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  MARGINALITY.DB
- Size
  
  703KB
- MD5
  
  069fbff5bbfa4dd3295442b26893c6bb
- SHA1
  
  1ef32f07ffb2f1cf5198203b7d263fd74d50939b
- SHA256
  
  42ad1e843f44a725a6666d3d27f10caaa2252a05e1bc0b9c3c315496728f9f25
- SHA512
  
  4c54c38d2f7a3fdcc154747d71db2a4871131e3a632eb5ede959f03370af9ba651825ed2a4318553ec0feeb82da1389cf15c4e74390d44edc72ddc01ea1eaa69
- SSDEEP
  
  12288:10cDgZApguXaZhjxA8DPG+WAHlKHnhMIEe5UT+QD1lNMABa:6w76Za8Gy8HnP5w9Mqa
Score

10^/10

qakbot bb 1663698873 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2