qakbot | ea45b3a3a743820bde72418bd1699152d28735fddc9337d018cbc901480b7245

General

Target

reinvests.dat.dll
Size

627KB
Sample

221027-rxelyscdd4
MD5

58c01b56106aa46b8735bcf1cbddf714
SHA1

fc9d81ac7a666427ef6b5c25666b81451f617a51
SHA256

ea45b3a3a743820bde72418bd1699152d28735fddc9337d018cbc901480b7245
SHA512

20ce449930d4e361c66e2bacfd33cfb68570febe0b12388ac2d5c4c18222a89770a3f93bb3faf9ba5510a9d76c742858ad63a5ebb881a85272d71beabe0a5cf2
SSDEEP

12288:cx8IFmbH8yS5XXUrIVcxxenMnwldJOCP6HcD5q:x6y8bRZAkM6dMCSHc4

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.1051

Botnet

BB04

Campaign

1666776497

C2

197.204.53.242:443

83.244.63.21:443

27.110.134.202:995

173.49.74.62:443

181.164.194.228:443

24.116.45.121:443

41.47.249.185:443

24.206.27.39:443

113.183.223.8:443

186.188.80.134:443

64.207.237.118:443

156.216.134.70:995

58.247.115.126:995

180.151.116.67:443

41.140.63.187:443

144.202.15.58:443

190.199.97.108:993

172.117.139.142:995

45.230.169.132:995

24.9.220.167:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  reinvests.dat.dll
- Size
  
  627KB
- MD5
  
  58c01b56106aa46b8735bcf1cbddf714
- SHA1
  
  fc9d81ac7a666427ef6b5c25666b81451f617a51
- SHA256
  
  ea45b3a3a743820bde72418bd1699152d28735fddc9337d018cbc901480b7245
- SHA512
  
  20ce449930d4e361c66e2bacfd33cfb68570febe0b12388ac2d5c4c18222a89770a3f93bb3faf9ba5510a9d76c742858ad63a5ebb881a85272d71beabe0a5cf2
- SSDEEP
  
  12288:cx8IFmbH8yS5XXUrIVcxxenMnwldJOCP6HcD5q:x6y8bRZAkM6dMCSHc4
Score

10^/10

qakbot bb04 1666776497 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2