qakbot | 3ef60c9eba24bad44365f16197186c2d50c60f8614321d558d3f7094612974a0

General

Target

e70c07f259f12277c76a654b19f99a250f13b40040bcadc98e27a9f1b1008d84
Size

250KB
Sample

230102-wlyynsac3t
MD5

4cc0c0f76f10a174fa51ddc63806e246
SHA1

51a56e8092f37ed0490182907dcab06f402bba81
SHA256

3ef60c9eba24bad44365f16197186c2d50c60f8614321d558d3f7094612974a0
SHA512

ba795a78e06d919528a9b032d525ab206e35d8bde4371c96672b36192a43675a27ff330b5f3355bfe6cccf01e4f626831b6d32b0e69657b2bc4039beaace92da
SSDEEP

6144:iElL+v1JK2C3J+Ig9E66Qq2elk+93zTno3pMPpUegkFNM4:pmJK2ksIFOUhz0MpVFNM4

Score

10^/10

qakbot bb 1663148750 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663148750

C2

193.3.19.37:443

99.232.140.205:2222

99.253.251.74:443

197.94.210.133:443

37.210.148.30:995

14.161.194.86:443

154.181.203.230:995

200.161.62.126:32101

134.35.10.122:443

64.207.215.69:443

81.131.161.131:2078

217.165.85.223:993

78.100.225.34:2222

85.114.110.108:443

102.38.96.108:995

123.240.131.1:443

109.158.159.179:993

186.105.182.127:443

190.44.40.48:995

88.233.194.154:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  e70c07f259f12277c76a654b19f99a250f13b40040bcadc98e27a9f1b1008d84
- Size
  
  434KB
- MD5
  
  16172d20335e81662454d2f003a7cd73
- SHA1
  
  21b1e90476d620850e4f834c64507c79ef3aaf1d
- SHA256
  
  e70c07f259f12277c76a654b19f99a250f13b40040bcadc98e27a9f1b1008d84
- SHA512
  
  55fbe2fb7477c84de8b81436a73d5332b65ac51f442144c6e992510cb4acfac3128de4e7dfd24514c791427e17b3cb4a20e2796a61bbd743720c314e57aeedfc
- SSDEEP
  
  6144:36N5XNlCfcqFhOdpwNzM2a3gfwp3NkOWuzv/24bktfTGoH:KrducqxNzbaP3WOWuLTCfThH
Score

10^/10

qakbot bb 1663148750 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2