qakbot | a96db824dcde339ae8df3259934cd886027053075797e35ee48d5dbbac37f34e

General

Target

a96db824dcde339ae8df3259934cd886027053075797e35ee48d5dbbac37f34e.bin
Size

158KB
Sample

221220-sxtljsab97
MD5

ac20abc415817fa6008bf473b7d61e2d
SHA1

1bbbe69455ec7bead0925cea323a9526b6475a96
SHA256

a96db824dcde339ae8df3259934cd886027053075797e35ee48d5dbbac37f34e
SHA512

92442ff8d2104f99ba923f9a731b2737de7a4a951f07d75176d4b552461a757c173f704fa71a64b0f5fefdf5dba4eb2c12e19b3dce02c14a112899ebc336e43f
SSDEEP

3072:ygikbXp3BvScvqzzxVvAAWJ6AzaHTBfZSEO/yaGv:1TdRXvqXxh1WJJzaHTBRSv/

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB09

Campaign

1670238005

C2

76.100.159.250:443

66.191.69.18:995

186.64.67.9:443

50.90.249.161:443

109.150.179.158:2222

92.149.205.238:2222

86.165.15.180:2222

41.44.19.36:995

78.17.157.5:443

173.18.126.3:443

75.99.125.235:2222

172.90.139.138:2222

27.99.45.237:2222

91.68.227.219:443

12.172.173.82:993

103.144.201.62:2078

12.172.173.82:990

173.239.94.212:443

91.169.12.198:32100

24.64.114.59:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  a96db824dcde339ae8df3259934cd886027053075797e35ee48d5dbbac37f34e.bin
- Size
  
  158KB
- MD5
  
  ac20abc415817fa6008bf473b7d61e2d
- SHA1
  
  1bbbe69455ec7bead0925cea323a9526b6475a96
- SHA256
  
  a96db824dcde339ae8df3259934cd886027053075797e35ee48d5dbbac37f34e
- SHA512
  
  92442ff8d2104f99ba923f9a731b2737de7a4a951f07d75176d4b552461a757c173f704fa71a64b0f5fefdf5dba4eb2c12e19b3dce02c14a112899ebc336e43f
- SSDEEP
  
  3072:ygikbXp3BvScvqzzxVvAAWJ6AzaHTBfZSEO/yaGv:1TdRXvqXxh1WJJzaHTBRSv/
Score

10^/10

qakbot bb09 1670238005 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2