qakbot | 2d68755335776e3de28fcd1757b7dcc07688b31c37205ce2324d92c2f419c6f0

General

Target

2d68755335776e3de28fcd1757b7dcc07688b31c37205ce2324d92c2f419c6f0.bin
Size

414KB
Sample

230106-cv7sdshf31
MD5

2b55988c0d236edd5ea1a631ccd37b76
SHA1

033a22c3bb2b0dd1677973e1ae6280e5466e771c
SHA256

2d68755335776e3de28fcd1757b7dcc07688b31c37205ce2324d92c2f419c6f0
SHA512

de2c34008ce298b43fd0327c0493b3c50fe3c4842f53c15b9cf8b4d895a0cdd3814b7f192910d24d798c3796af29b5283197b454ce2e0cad6dd9a4daa3c8f5ff
SSDEEP

6144:UUpGOKUXcSjtM0vsW2g2uJ8yBW8RCtswtoMfLYzY8EI4zADpxhKY:IODMSjtHX2VyWkUtoeLYk8EHMjh1

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.780

Botnet

obama194

Campaign

1656313665

C2

70.46.220.114:443

32.221.224.140:995

67.209.195.198:443

186.90.153.162:2222

148.64.96.100:443

67.165.206.193:993

86.200.151.188:2222

80.11.74.81:2222

173.174.216.62:443

45.241.173.232:993

41.228.22.180:443

1.161.81.21:995

24.178.196.158:2222

37.34.253.233:443

93.48.80.198:995

129.208.158.180:995

120.150.218.241:995

38.70.253.226:2222

111.125.245.116:995

47.23.89.60:993

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  2d68755335776e3de28fcd1757b7dcc07688b31c37205ce2324d92c2f419c6f0.bin
- Size
  
  414KB
- MD5
  
  2b55988c0d236edd5ea1a631ccd37b76
- SHA1
  
  033a22c3bb2b0dd1677973e1ae6280e5466e771c
- SHA256
  
  2d68755335776e3de28fcd1757b7dcc07688b31c37205ce2324d92c2f419c6f0
- SHA512
  
  de2c34008ce298b43fd0327c0493b3c50fe3c4842f53c15b9cf8b4d895a0cdd3814b7f192910d24d798c3796af29b5283197b454ce2e0cad6dd9a4daa3c8f5ff
- SSDEEP
  
  6144:UUpGOKUXcSjtM0vsW2g2uJ8yBW8RCtswtoMfLYzY8EI4zADpxhKY:IODMSjtHX2VyWkUtoeLYk8EHMjh1
Score

10^/10

qakbot obama194 1656313665 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2