qakbot | e9e65452644cf71bddbd3a324c171117c3df219a642bca6083ee6796dc5365c2

General

Target

contaminative.dat.dll
Size

1.6MB
Sample

221031-v3pwnabeh6
MD5

7e7bdad13f25974c9bd07b0591d2773e
SHA1

fd0d969841ec7654b1b969d8c296031c3575d63c
SHA256

e9e65452644cf71bddbd3a324c171117c3df219a642bca6083ee6796dc5365c2
SHA512

a7f3e3e0c8c3d07993694a30e7853d81ae97417d17ec93287cd9a5da30a305dbfad5a79b5431d599581ba05aa8d0b0b58dea88a61b20031294aaa32ee9038a82
SSDEEP

24576:hdOBKJGDcYOGm+FpvC04Rl3ZC499TlgxE29S3GrOk8YdSkQh:hs9dm+n60YZCZY3+R8Ydkh

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

BB05

Campaign

1667208557

C2

174.77.209.5:443

187.0.1.74:23795

24.206.27.39:443

1.156.220.169:30723

156.216.39.119:995

58.186.75.42:443

1.156.197.160:30467

187.1.1.190:4844

186.18.210.16:443

1.181.56.171:771

90.165.109.4:2222

187.0.1.186:39742

87.57.13.215:443

187.0.1.207:52344

227.26.3.227:1

98.207.190.55:443

187.0.1.197:7017

188.49.56.189:443

102.156.160.115:443

187.0.1.24:17751

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  contaminative.dat.dll
- Size
  
  1.6MB
- MD5
  
  7e7bdad13f25974c9bd07b0591d2773e
- SHA1
  
  fd0d969841ec7654b1b969d8c296031c3575d63c
- SHA256
  
  e9e65452644cf71bddbd3a324c171117c3df219a642bca6083ee6796dc5365c2
- SHA512
  
  a7f3e3e0c8c3d07993694a30e7853d81ae97417d17ec93287cd9a5da30a305dbfad5a79b5431d599581ba05aa8d0b0b58dea88a61b20031294aaa32ee9038a82
- SSDEEP
  
  24576:hdOBKJGDcYOGm+FpvC04Rl3ZC499TlgxE29S3GrOk8YdSkQh:hs9dm+n60YZCZY3+R8Ydkh
Score

10^/10

qakbot bb05 1667208557 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2