qakbot | 5fb5b0c19b5cd855ce353df538c35dab7f74a1d00f2dbe2ccf06853b150e0dd6

General

Target

fwpolicyiomgr.dll
Size

156KB
Sample

221123-dnvd6ada9t
MD5

50ec7cac279ae9cc639f3bc220c6d9b3
SHA1

4511601a140a0e78c83ee80538920a8a4bf609f8
SHA256

5fb5b0c19b5cd855ce353df538c35dab7f74a1d00f2dbe2ccf06853b150e0dd6
SHA512

acff6845e6987b4dfc18b18365c3e31eec2954b8df37b06bda72bbe9d5c408923d2b09ae5f8d01a85b03442ea80a46a49c93686763ccc16f5da768602334c2a6
SSDEEP

3072:7bLJEsAXBFa2MAnJuXTx/TBf5cy30O/ya:HFJAXBjJnJqTx/TBxb3f/

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.1051

Botnet

BB04

Campaign

1666604608

C2

222.117.141.133:443

198.2.51.242:993

27.110.134.202:995

172.117.139.142:995

144.202.15.58:443

193.3.19.137:443

208.78.220.120:443

45.230.169.132:995

102.157.250.192:995

93.156.96.171:443

41.109.170.156:995

58.247.115.126:995

200.233.108.153:995

197.204.107.51:443

201.68.209.47:32101

156.220.185.41:993

37.8.67.5:443

181.164.194.228:443

156.197.230.148:995

175.205.2.54:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  fwpolicyiomgr.dll
- Size
  
  156KB
- MD5
  
  50ec7cac279ae9cc639f3bc220c6d9b3
- SHA1
  
  4511601a140a0e78c83ee80538920a8a4bf609f8
- SHA256
  
  5fb5b0c19b5cd855ce353df538c35dab7f74a1d00f2dbe2ccf06853b150e0dd6
- SHA512
  
  acff6845e6987b4dfc18b18365c3e31eec2954b8df37b06bda72bbe9d5c408923d2b09ae5f8d01a85b03442ea80a46a49c93686763ccc16f5da768602334c2a6
- SSDEEP
  
  3072:7bLJEsAXBFa2MAnJuXTx/TBf5cy30O/ya:HFJAXBjJnJqTx/TBxb3f/
Score

10^/10

qakbot bb04 1666604608 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2