qakbot | d127e0c805be94fef708c47ad62037ba3840d7b1db5330deea2bc40160501f45

General

Target

D704DA175248D59C068D9251F96DEEB2.fil
Size

393KB
Sample

220930-xar7esfdcr
MD5

d704da175248d59c068d9251f96deeb2
SHA1

3c95b16e88c5edc3a7f24c0b7c78bf4312a82599
SHA256

d127e0c805be94fef708c47ad62037ba3840d7b1db5330deea2bc40160501f45
SHA512

21903bfd94beb1d7d88e3ff09e4727ac50c5f868633336173311d8033f3bbe19b01c1579cec4a7a660c9ee99aab1c8912986028ff450d3e693bc13008c835155
SSDEEP

6144:P57WEjEaG/tptUcHme85N6w0ZmXp8jwkGU99WOUN2LAOh:IEj7QPw5cwimXujH33

Score

10^/10

qakbot bb 1664437404 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.895

Botnet

BB

Campaign

1664437404

C2

113.180.55.111:443

58.186.75.42:443

105.184.56.118:995

196.206.133.114:995

80.253.189.55:443

193.3.19.137:443

41.104.80.233:443

49.205.197.13:443

186.81.122.168:443

216.238.83.82:443

216.238.83.82:995

39.44.5.104:995

196.207.146.151:443

216.238.108.61:995

139.84.167.18:995

139.84.167.18:443

216.238.108.61:443

149.28.38.16:995

134.35.12.30:443

131.100.40.13:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  D704DA175248D59C068D9251F96DEEB2.fil
- Size
  
  393KB
- MD5
  
  d704da175248d59c068d9251f96deeb2
- SHA1
  
  3c95b16e88c5edc3a7f24c0b7c78bf4312a82599
- SHA256
  
  d127e0c805be94fef708c47ad62037ba3840d7b1db5330deea2bc40160501f45
- SHA512
  
  21903bfd94beb1d7d88e3ff09e4727ac50c5f868633336173311d8033f3bbe19b01c1579cec4a7a660c9ee99aab1c8912986028ff450d3e693bc13008c835155
- SSDEEP
  
  6144:P57WEjEaG/tptUcHme85N6w0ZmXp8jwkGU99WOUN2LAOh:IEj7QPw5cwimXujH33
Score

10^/10

qakbot bb 1664437404 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2