qakbot | 184f9484299a3227430041acb86c82af3a89f78633599ed6c3afe66e61900ed7

General

Target

0b2de008-e828-4d57-921b-3b939ee621de.zip
Size

433KB
Sample

221116-pa4w8aed3w
MD5

10fe31576a786ad193ece260351ab4db
SHA1

cac60c023a04a913a9131bd65ded26f0c1a46dbc
SHA256

184f9484299a3227430041acb86c82af3a89f78633599ed6c3afe66e61900ed7
SHA512

ed8773ac03d26f1a8e3eb69de795edba373ad4d1c3547919ee91508ef23da260e33c9195ec763578b4fc992739e73f4fd45f9d105294945f343cb0db40576ab6
SSDEEP

6144:6kzidwF+C9ClTzYqtmZkKPr3MXb27e7NfZ3997Fom4941K024aeyjGLlV1nl++3r:vzi/C9INtmZN7Ea7INZNgm6CNyjsL+qr

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.27

Botnet

obama221

Campaign

1667915095

C2

199.83.165.233:443

24.142.218.202:443

79.166.120.168:995

92.24.200.226:995

151.32.168.124:443

72.88.245.71:443

46.229.194.17:443

142.119.40.220:2222

177.205.114.49:2222

174.104.184.149:443

86.167.26.227:2222

94.15.58.251:443

82.155.111.187:443

2.84.98.228:2222

69.133.162.35:443

92.189.214.236:2222

190.74.23.139:443

47.34.30.133:443

80.103.77.44:2222

82.34.170.37:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  0b2de008-e828-4d57-921b-3b939ee621de.zip
- Size
  
  433KB
- MD5
  
  10fe31576a786ad193ece260351ab4db
- SHA1
  
  cac60c023a04a913a9131bd65ded26f0c1a46dbc
- SHA256
  
  184f9484299a3227430041acb86c82af3a89f78633599ed6c3afe66e61900ed7
- SHA512
  
  ed8773ac03d26f1a8e3eb69de795edba373ad4d1c3547919ee91508ef23da260e33c9195ec763578b4fc992739e73f4fd45f9d105294945f343cb0db40576ab6
- SSDEEP
  
  6144:6kzidwF+C9ClTzYqtmZkKPr3MXb27e7NfZ3997Fom4941K024aeyjGLlV1nl++3r:vzi/C9INtmZN7Ea7INZNgm6CNyjsL+qr
Score

10^/10

qakbot obama221 1667915095 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2