qakbot | b9dd2d79e9b78f0d3f439c302f19b0bbec463f135701ab2ea99c27f48fa2eb1a

General

Target

synapse.db
Size

693KB
Sample

220929-kppzdsabg3
MD5

c05798268fcde7fbda9305a54389bb79
SHA1

72b49520e928a4d4c63b99d8bc68a45abc41cc88
SHA256

b9dd2d79e9b78f0d3f439c302f19b0bbec463f135701ab2ea99c27f48fa2eb1a
SHA512

8937282bbf257f0d2f2ab86ba4909b3ee8f69d2141b8e419cb245019a0dcd5964c38ab9bc3ada8ef75cbdee02ae05a0f69196d4fb6c4c27351b2e36f36f592e1
SSDEEP

12288:/ieL1vc1PdFjpmw5qS6xnGWvE/NIg5UT+QD1lNMAxH:K81IFnqnvE/5w9MW

Score

10^/10

qakbot bb 1664358901 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1664358901

C2

179.111.23.186:32101

179.251.119.206:995

84.3.85.30:443

39.44.5.104:995

197.41.235.69:995

193.3.19.137:443

186.81.122.168:443

103.173.121.17:443

41.111.118.56:443

102.189.184.12:995

156.199.90.139:443

14.168.180.223:443

41.140.98.37:995

156.205.3.210:993

139.228.33.176:2222

134.35.12.0:443

49.205.197.13:443

131.100.40.13:995

217.165.146.158:993

73.252.27.208:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  synapse.db
- Size
  
  693KB
- MD5
  
  c05798268fcde7fbda9305a54389bb79
- SHA1
  
  72b49520e928a4d4c63b99d8bc68a45abc41cc88
- SHA256
  
  b9dd2d79e9b78f0d3f439c302f19b0bbec463f135701ab2ea99c27f48fa2eb1a
- SHA512
  
  8937282bbf257f0d2f2ab86ba4909b3ee8f69d2141b8e419cb245019a0dcd5964c38ab9bc3ada8ef75cbdee02ae05a0f69196d4fb6c4c27351b2e36f36f592e1
- SSDEEP
  
  12288:/ieL1vc1PdFjpmw5qS6xnGWvE/NIg5UT+QD1lNMAxH:K81IFnqnvE/5w9MW
Score

10^/10

qakbot bb 1664358901 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2