qakbot | 4e8d2063ddc2e5becd61280a0855e00a513fea31645d4fb361e8b799a6a04dd3

General

Target

templates025.png
Size

421KB
Sample

221209-b4waaafa2w
MD5

8203065d51ae0f30ddeadbc1d6aeef34
SHA1

288f1e378ff190ac5777bfa47014bb5f7b04d736
SHA256

4e8d2063ddc2e5becd61280a0855e00a513fea31645d4fb361e8b799a6a04dd3
SHA512

3fe2a844c87593b251dcd90fe2f32ebb14fa8f7aed4ad34632d07b94e2c35f4ad7836a506b7a2294844b4246a804d87283c6cd59b1550510f82296f66bd25671
SSDEEP

12288:Pkpde329VEdv++607q6YP4uo7N9cIegv8JowUShUPw:Pudy29ChzEoEQ0Uw

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667294768

C2

136.232.184.134:995

65.20.175.208:443

78.161.38.242:443

154.247.31.51:993

50.68.204.71:993

154.247.31.51:995

154.247.31.51:32103

50.68.204.71:995

142.161.120.116:2222

84.35.26.14:995

174.0.224.214:443

181.164.194.228:443

58.247.115.126:995

74.92.243.113:995

74.92.243.113:50000

149.126.159.224:443

68.146.18.15:443

182.66.197.35:443

216.82.134.218:443

186.64.67.44:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  templates025.png
- Size
  
  421KB
- MD5
  
  8203065d51ae0f30ddeadbc1d6aeef34
- SHA1
  
  288f1e378ff190ac5777bfa47014bb5f7b04d736
- SHA256
  
  4e8d2063ddc2e5becd61280a0855e00a513fea31645d4fb361e8b799a6a04dd3
- SHA512
  
  3fe2a844c87593b251dcd90fe2f32ebb14fa8f7aed4ad34632d07b94e2c35f4ad7836a506b7a2294844b4246a804d87283c6cd59b1550510f82296f66bd25671
- SSDEEP
  
  12288:Pkpde329VEdv++607q6YP4uo7N9cIegv8JowUShUPw:Pudy29ChzEoEQ0Uw
Score

10^/10

qakbot bb05 1667294768 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2