qakbot | c4b2e7e2d683eeebdc5be8f5f7cb89eb61be19b9a797779a54a321ffb04b800f

General

Target

hieroglyphs.dat
Size

573KB
Sample

221103-r2fd2sdfhq
MD5

f4830c17c44feaaf42d51c3f16b3fc13
SHA1

42909653acdb4c7f7b7b00e14b9939b9525f89c5
SHA256

c4b2e7e2d683eeebdc5be8f5f7cb89eb61be19b9a797779a54a321ffb04b800f
SHA512

de3b89a0f5550ad76945191a175cd14d983416b1bd124eabbdea6dc5dcd188c0fc0235f53dd0c99fea3dff225a2ab9be4753b72452a65dbbbe8d8944328416fa
SSDEEP

12288:2ahjmQWJTT3QHljUn6UFsRnlpf/lEHuLLQuiXvgmNm4aZ:nhylRjQFA6UFsFlpftEOLLq/m

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667470564

C2

181.118.183.103:443

187.0.1.73:57336

41.44.11.227:995

1.66.180.227:43528

187.0.1.190:19192

174.0.224.214:443

1.175.205.2:13825

109.159.119.162:2222

45.49.137.80:443

1.92.24.200:57859

149.126.159.224:443

1.91.68.227:56065

82.141.152.214:443

212.251.122.147:995

92.185.204.18:2078

1.172.249.99:36616

187.1.1.190:6189

80.0.74.165:443

209.0.1.81:40739

197.204.182.47:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Extracted

Family

qakbot

Attributes

salt
0�$cX ��3�3 4L��Cn17��*]? 4K��A��%� �

Targets

- Target
  
  hieroglyphs.dat
- Size
  
  573KB
- MD5
  
  f4830c17c44feaaf42d51c3f16b3fc13
- SHA1
  
  42909653acdb4c7f7b7b00e14b9939b9525f89c5
- SHA256
  
  c4b2e7e2d683eeebdc5be8f5f7cb89eb61be19b9a797779a54a321ffb04b800f
- SHA512
  
  de3b89a0f5550ad76945191a175cd14d983416b1bd124eabbdea6dc5dcd188c0fc0235f53dd0c99fea3dff225a2ab9be4753b72452a65dbbbe8d8944328416fa
- SSDEEP
  
  12288:2ahjmQWJTT3QHljUn6UFsRnlpf/lEHuLLQuiXvgmNm4aZ:nhylRjQFA6UFsFlpftEOLLq/m
Score

10^/10

qakbot bb05 1667470564 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2