qakbot | fbc58a7a06430b8e391a18bb82896dfa9c0a91bf6216c8896e1167932bbb5efe | Triage

Sharing

General

Target

a1c984514cb1d1be0c059d668f8f4428.zip
Size

639KB
Sample

221117-zeqkhaff83
MD5

28c6e95500cd175982127a7807f16543
SHA1

6f976e2536c9d9b2d42b88719c43485b6b0b0463
SHA256

fbc58a7a06430b8e391a18bb82896dfa9c0a91bf6216c8896e1167932bbb5efe
SHA512

59154e36728af96998bf6514f73116783a9244ac5e1b52b0ea1655be34e55c11799f57247ffa7b08c6c30bf1e5e2b62b610f47da0d5fc3559e1b1352261b8171
SSDEEP

12288:e85Jq7WzcBFTqJ1MTSIz6POfF5QkXD+xBQArdiqbzbNuf8RT8RRu:eK6F2JyTXzB95rzeTrw4cu

Score

10^/10

qakbot obama221 1667915095 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

404.27

Botnet

obama221

Campaign

1667915095

C2

199.83.165.233:443

24.142.218.202:443

79.166.120.168:995

92.24.200.226:995

151.32.168.124:443

72.88.245.71:443

46.229.194.17:443

142.119.40.220:2222

177.205.114.49:2222

174.104.184.149:443

86.167.26.227:2222

94.15.58.251:443

82.155.111.187:443

2.84.98.228:2222

69.133.162.35:443

92.189.214.236:2222

190.74.23.139:443

47.34.30.133:443

80.103.77.44:2222

82.34.170.37:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  a1c984514cb1d1be0c059d668f8f4428
- Size
  
  932KB
- MD5
  
  a1c984514cb1d1be0c059d668f8f4428
- SHA1
  
  d3efa7eca7e51365f81fbe41e42aeef55851747d
- SHA256
  
  2b240d7248367d8afe7da53dce775677b50e3f721cb2525ed33dbe183e2d50fd
- SHA512
  
  a5a509515557b11cee9566d97aae84e74ee8aac804ed61e57fecfe00613340cc48133a009b3b7858189f2b59ba9c53d3139496ae78084ad2d797e4a83233ed10
- SSDEEP
  
  24576:BktK0GW4wnqRrEWJ2+fOGp9aY6DftYZmKq:b0VqH8kEWm3
Score

10^/10

qakbot obama221 1667915095 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

qakbotobama2211667915095bankerstealertrojan