qakbot | 8f51c35eb0afafd2d29a2b68d1db0d700422d6dbc16ac2ff915e24eb8fb288bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pimpled.dat.dll
Size

638KB
Sample

221014-xrhdjsebhl
MD5

19f11dfb3c7baec741a805a702ffd34e
SHA1

81844f0c82ec87a62746f4225f7b0110cafd68a8
SHA256

8f51c35eb0afafd2d29a2b68d1db0d700422d6dbc16ac2ff915e24eb8fb288bc
SHA512

f27e87774edca87f3f72e9ae9eeac9511f252873200d1efe546597f657b22e2809506af3a0281f040efbf752779ea7615df151f6d1c4538b892b37d9152fb68f
SSDEEP

12288:fa2sTwwDbozbuUijWQ2ieToMjavBAHuZXJMeGbX//IO:fBs1QuUijWHVUM++OZXJM5T//I

Score

10^/10

qakbot bb02 1665761649 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.973

Botnet

BB02

Campaign

1665761649

C2

211.47.11.62:33850

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  pimpled.dat.dll
- Size
  
  638KB
- MD5
  
  19f11dfb3c7baec741a805a702ffd34e
- SHA1
  
  81844f0c82ec87a62746f4225f7b0110cafd68a8
- SHA256
  
  8f51c35eb0afafd2d29a2b68d1db0d700422d6dbc16ac2ff915e24eb8fb288bc
- SHA512
  
  f27e87774edca87f3f72e9ae9eeac9511f252873200d1efe546597f657b22e2809506af3a0281f040efbf752779ea7615df151f6d1c4538b892b37d9152fb68f
- SSDEEP
  
  12288:fa2sTwwDbozbuUijWQ2ieToMjavBAHuZXJMeGbX//IO:fBs1QuUijWHVUM++OZXJM5T//I
Score

10^/10

qakbot bb02 1665761649 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

qakbotbb021665761649bankerstealertrojan

behavioral2

qakbotbb021665761649bankerstealertrojan