qakbot | 0c2d4e014e92d46b8f5db3aea01886c6d8daabace0b27bef50676d785080621c

General

Target

clowns.zip
Size

521KB
Sample

221123-kwpxzada8v
MD5

d5b6b80e0f49eb42a3795233bbcc4116
SHA1

f256f9628270b9148849ce1b4ccf0ae8222fe2d3
SHA256

0c2d4e014e92d46b8f5db3aea01886c6d8daabace0b27bef50676d785080621c
SHA512

4c4075d8367b4469cc3988fe5a437ed79fe72322427a12e5e83168def47fc83412b31fc06bcb59e24819b55a10631cad5116ccbe8141120541fad037b9a23dd9
SSDEEP

12288:WCqTVMB6Wf4FgM6dyXMz9/38ATaZDk7rqVc1W277a0mZPa:TeVjYM6sXG8ATalTio0a0mE

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.31

Botnet

BB07

Campaign

1669135035

C2

41.62.42.255:443

212.54.207.42:995

73.161.176.218:443

50.68.204.71:443

80.103.77.44:2222

24.142.218.202:443

66.191.69.18:995

97.93.192.2:2083

89.115.196.99:443

136.35.241.159:443

194.166.91.255:443

12.172.173.82:22

84.209.52.11:443

50.68.204.71:993

64.228.191.212:2222

46.176.180.15:995

109.218.104.206:2222

91.254.215.167:443

176.151.15.101:443

41.98.228.100:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  clowns.zip
- Size
  
  521KB
- MD5
  
  d5b6b80e0f49eb42a3795233bbcc4116
- SHA1
  
  f256f9628270b9148849ce1b4ccf0ae8222fe2d3
- SHA256
  
  0c2d4e014e92d46b8f5db3aea01886c6d8daabace0b27bef50676d785080621c
- SHA512
  
  4c4075d8367b4469cc3988fe5a437ed79fe72322427a12e5e83168def47fc83412b31fc06bcb59e24819b55a10631cad5116ccbe8141120541fad037b9a23dd9
- SSDEEP
  
  12288:WCqTVMB6Wf4FgM6dyXMz9/38ATaZDk7rqVc1W277a0mZPa:TeVjYM6sXG8ATalTio0a0mE
Score

10^/10

qakbot bb07 1669135035 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

Score

N/A

behavioral1

qakbotbb071669135035bankerstealertrojan

Score

10^/10

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1