qakbot | dbddf15af96147af422ab24fe6d8b5ef06af06a0a8d41362db8edd400f778546

General

Target

qbot.dll
Size

502KB
Sample

221026-s3c6ragba6
MD5

a4e2d9a3da5ce54d2fc19c996757b86a
SHA1

ce44ba7151528ca73be82737ea142dc5e76394b7
SHA256

dbddf15af96147af422ab24fe6d8b5ef06af06a0a8d41362db8edd400f778546
SHA512

e52f13ab245121b45d4f5e110cd0aa4d0c8e83c59a9b4f8e3457df41d254bacb6cd5b3c2bc50c6f4a7125b8a23870de358d0f917ea65b1e5f820a83003f9964d
SSDEEP

6144:KSGYaRyE5Na5otGQkAVFOaqyrGAO87yH3pkNNUoGMHbn/WRCGxIIcAB:DGYGvMc5EyKi70YNUoj7iB

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.1051

Botnet

BB04

Campaign

1666690935

C2

181.164.194.228:443

24.116.45.121:443

190.74.248.136:443

24.206.27.39:443

27.110.134.202:995

2.88.206.121:443

71.199.168.185:443

200.233.108.153:995

198.2.51.242:993

172.117.139.142:995

70.115.104.126:443

144.202.15.58:443

190.24.45.24:995

24.9.220.167:443

58.247.115.126:995

193.3.19.137:443

45.230.169.132:995

68.62.199.70:443

43.241.159.238:443

113.162.196.232:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  qbot.dll
- Size
  
  502KB
- MD5
  
  a4e2d9a3da5ce54d2fc19c996757b86a
- SHA1
  
  ce44ba7151528ca73be82737ea142dc5e76394b7
- SHA256
  
  dbddf15af96147af422ab24fe6d8b5ef06af06a0a8d41362db8edd400f778546
- SHA512
  
  e52f13ab245121b45d4f5e110cd0aa4d0c8e83c59a9b4f8e3457df41d254bacb6cd5b3c2bc50c6f4a7125b8a23870de358d0f917ea65b1e5f820a83003f9964d
- SSDEEP
  
  6144:KSGYaRyE5Na5otGQkAVFOaqyrGAO87yH3pkNNUoGMHbn/WRCGxIIcAB:DGYGvMc5EyKi70YNUoj7iB
Score

10^/10

qakbot bb04 1666690935 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2