qakbot | 199e0fe45d95b255e25cfefd21f9689396bb925493cbccc3951c1c2414fe8e31

Sharing

Copy URL

Twitter E-mail

General

Target

Accounting#1737.iso
Size

1.4MB
Sample

220927-vnjfbsfagp
MD5

e085d7155cf7d71497c5d805a2ef4e74
SHA1

e9e10cd172e6b393e45485872e43ceaa072537aa
SHA256

199e0fe45d95b255e25cfefd21f9689396bb925493cbccc3951c1c2414fe8e31
SHA512

22f1b97544efb7d0baee67a0ea857fd5dbe661617f100014479f63c42d9d03098935a62be391511e2f7f0a5230c968c99b247d152d6e63dba5a0112ec6bf5b1b
SSDEEP

24576:CVPl57rJCnz6zTz+qAl5w9MAqsdjcMGz:ChtOqPHcM

Score

10^/10

qakbot bb 1664292185 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

Campaign

1664292185

212.102.56.47:443

189.189.89.32:443

85.245.143.94:443

110.238.39.214:443

185.233.79.238:995

85.94.178.73:995

193.3.19.137:443

193.254.32.156:443

154.237.49.4:995

41.104.77.244:443

181.206.46.7:443

186.16.163.94:443

75.71.96.226:995

179.111.23.186:32101

41.97.65.83:443

41.105.89.30:443

85.86.242.245:443

181.105.32.5:443

197.41.235.69:995

103.173.121.17:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  Accounting.lnk
- Size
  
  1KB
- MD5
  
  040f242254de5cfd7c22f94f63cdd279
- SHA1
  
  0af3db040791ff5c2084b7588aaa7c0c4c40f338
- SHA256
  
  b5e6cb534363ee26bb64ecc1b0523803912fc84280df3cbeedfadd10773235c9
- SHA512
  
  c255b507efc169d98f858f86ef0d4c3ab88dd440143d857321da0aec849f4c937dc8719f5749443a0b7887c653a1ccee715b27ba91dc7c2b2dc61a414ab0509f
Score

3^/10
behavioral1 behavioral2
- Target
  
  maliciously/argentina.db
- Size
  
  1.1MB
- MD5
  
  f533e6c66d8a458c97c2bd408757d481
- SHA1
  
  1e75151f247c76c7de272d20138aadb921323fba
- SHA256
  
  b7e432ebcbff1842f6639e6cc8ba2cca6a7ebe6374d40fda88b9de0fa920b225
- SHA512
  
  05bff106715af50eda60e2f9fe5347b6585ab53830d7bd7fb1a08820d87324cff770fd9e07f2d1273f2a461748a84a262f2060332a8961456e672c983aebbc62
- SSDEEP
  
  12288:hTNDT7Pi5+57H2VR2J4bi4XXkM6ZlPK9912W0TFz+L2AUn0jggyi5UT+QD1lNMAL:ZVPl57rJCnz6zTz+qAl5w9MA
Score

10^/10

qakbot bb 1664292185 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral3 behavioral4
- Target
  
  maliciously/massifsTorturousness.cmd
- Size
  
  50B
- MD5
  
  7c5b9dc6fed6c8ff6db8cf954170de13
- SHA1
  
  bf647b4deb62a30ded339a1bd2a278a582aa956a
- SHA256
  
  f5215cb6dbd3f10e382f600ab31eb94cf41cda7b3649197e865b52674a94ab5d
- SHA512
  
  5ef894f3d412f3f44cab2da4f71c492a19e8f3b7425da8596a91b85f445f6597b958bf0232bce1150cef31146fb5977e03983b4b58dbfcbf6115c2cb5644caa3
Score

1^/10
behavioral5 behavioral6
- Target
  
  maliciously/undercutTestator.js
- Size
  
  228B
- MD5
  
  03784779bbbe57ebaaf7e4fcb29e9f36
- SHA1
  
  18a73861dcd63f3a20570bff0abb35cc71fe9e25
- SHA256
  
  61e0c6effda57ebed69e34c07ab2330cd312529aa498683503486347d53d2bae
- SHA512
  
  da8414cd28fec47e2471e96ec96059ad2dd1961644436592d575dcb2853502a9b0381636bcc9d6193ac2e68e7aaa84e40514aee7398c17b4b1e035a1373f0d1f
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8