qakbot | 98300b90c51b8f3faeab29dad9493f2036fcf30448a0f1b49b6e11257e90fba0

Resubmissions

05-12-2022 21:51

221205-1qsdxadg5t 10

01-12-2022 20:03

221201-ysws1afd56 10

Sharing

Copy URL

Twitter E-mail

General

Target

c5.zip
Size

421KB
Sample

221201-ysws1afd56
MD5

b6531d0b651f41baab8584e384d670e8
SHA1

7374d10f7d591f80b9b88527cb32de22c7090fe3
SHA256

98300b90c51b8f3faeab29dad9493f2036fcf30448a0f1b49b6e11257e90fba0
SHA512

398112d401caa4b98308fc9e9c40dd72de15db94f1d7643dd187fda661c385ccfb598c62eb228df1a2188845f9e14dafca5f0fa2086ddfa9352169ee9a886e86
SSDEEP

12288:IWgYoDeG2h6J0pkDKwJ5/JCBXtJYjA7gDoKIRCD0wr7of8:uYgxTJ0pkDKAo9P08KISh7G8

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

tzr03

Campaign

1669896814

105.99.88.96:443

92.189.214.236:2222

108.162.6.34:443

84.35.26.14:995

12.172.173.82:990

188.54.99.243:995

71.31.101.183:443

80.13.179.151:2222

90.119.197.132:2222

47.41.154.250:443

109.149.148.184:2222

82.9.210.36:443

75.161.233.194:995

81.229.117.95:2222

90.116.219.167:2222

90.162.45.154:2222

190.74.104.149:465

76.100.159.250:443

105.108.215.158:990

197.0.145.209:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  c5.jpg
- Size
  
  744KB
- MD5
  
  acb7cbc7849093e176fdb174a7095ae5
- SHA1
  
  35d6908536abe74542d114f56aaaa61346e57ba3
- SHA256
  
  83a8bffa20422e5b4b4d1981506c4ff9652b8886df4de045ef781e4595014fe9
- SHA512
  
  137a557ff1e9c861ba88e19f27b6a7e6b53d46e228d14f16020e4836ac251f58cf70712b813e00b5b16d5aa9536748e5d199ec9be29509bbf77c64ec67540115
- SSDEEP
  
  12288:cBA/2eiIRvULU1QYM3QGBjfR7taXIIg7WP58FXW+tlkzWKgHd6QQBGPpBMkff:R+81q5QOR7QUWYxYO0BEnHf
Score

10^/10

qakbot tzr03 1669896814 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2