qakbot | 10afa9374deef0bc44fae6fc28be88c3999bb2410f07b7159dbd1882a94e9189 | Triage

Resubmissions

14-10-2022 19:38

221014-ycdmgsecep 10

14-10-2022 18:36

221014-w8xdcseag7 10

Sharing

General

Target

uncited.dat.dll
Size

638KB
Sample

221014-w8xdcseag7
MD5

7f1fc752865619dbe870ab5630e901d6
SHA1

43878660e33f52f22ed1de323f2c426870174dd7
SHA256

10afa9374deef0bc44fae6fc28be88c3999bb2410f07b7159dbd1882a94e9189
SHA512

f085bcb6e666324e9f3f6cf0a9d3fe353fe4d100669512d66d1fc10abb9e9addb0c798fbbd8207f77daaea72fcd057bf22e710d14cfd97f4d24fdf7513b968c7
SSDEEP

12288:fa2sTwwDbozbuUijWQ2ieToMjavBxHuZXJMeGbX//IO:fBs1QuUijWHVUM+HOZXJM5T//I

Score

10^/10

qakbot bb02 1665761649 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.973

Botnet

BB02

Campaign

1665761649

C2

211.47.11.62:33850

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  uncited.dat.dll
- Size
  
  638KB
- MD5
  
  7f1fc752865619dbe870ab5630e901d6
- SHA1
  
  43878660e33f52f22ed1de323f2c426870174dd7
- SHA256
  
  10afa9374deef0bc44fae6fc28be88c3999bb2410f07b7159dbd1882a94e9189
- SHA512
  
  f085bcb6e666324e9f3f6cf0a9d3fe353fe4d100669512d66d1fc10abb9e9addb0c798fbbd8207f77daaea72fcd057bf22e710d14cfd97f4d24fdf7513b968c7
- SSDEEP
  
  12288:fa2sTwwDbozbuUijWQ2ieToMjavBxHuZXJMeGbX//IO:fBs1QuUijWHVUM+HOZXJM5T//I
Score

10^/10

qakbot bb02 1665761649 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

qakbotbb021665761649bankerstealertrojan

behavioral2

qakbotbb021665761649bankerstealertrojan