qakbot | a70d230fcf14f2e65d05fdb0585a33010ccf9e45eb429fcf5ff8763dc48198da

General

Target

221206-qjet5abe66_pw_infected.zip
Size

327KB
Sample

221206-qm4mnabh37
MD5

1b09f9c1922500ecb75a4c1429d11c7f
SHA1

51322f79590786a2bbcfb06d9acc19017a2ecdde
SHA256

a70d230fcf14f2e65d05fdb0585a33010ccf9e45eb429fcf5ff8763dc48198da
SHA512

63dab87fae7843505de2399beb31589a9f5afa8a7d6d03049c57c6fd46475f28b46c67ffe9b84ca23748de1497a18f689c5329de5ca98992720bb35ec1b96811
SSDEEP

6144:dtvptKUjZSfsYUlFdVuj2qAv0I3B0xmq1BX4BGbdlJHT86Hstc:bvCUjZSdUXVujpAENgwlJHzHoc

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB08

Campaign

1669902931

C2

71.46.234.171:443

50.68.204.71:443

186.28.89.170:995

50.68.204.71:993

62.31.130.138:465

152.170.17.136:443

108.162.6.34:995

24.142.218.202:443

67.61.71.201:443

65.95.85.172:2222

50.232.21.70:995

76.184.95.190:993

47.16.69.220:2222

178.169.196.115:443

184.64.44.21:443

12.172.173.82:22

77.126.81.208:443

38.69.136.177:995

174.104.184.149:443

173.18.126.3:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  run.bat
- Size
  
  48B
- MD5
  
  7d417b8d0568db2290d8896f56c72a04
- SHA1
  
  90ab04363811f62afc410b5647381254a9f8af81
- SHA256
  
  f44ee57a5ec075a4ae3d63cc4d98a31eae026423bb3748213fac7e8c8f4553e3
- SHA512
  
  7aa0129c88cf9081feb356f02c435e636b8331b241a4600e4ae3b104865922469f0cd134655b88243a06959e1412dc5614cc3a4ae76abbac8e35070ce62b98a9
Score

10^/10

qakbot bb08 1669902931 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2