qakbot | 6dfad8c5a6a3e85dd5b9f9aab41729320774b7afe0494b05fbb7627a6e59df75

General

Target

1.dll
Size

798KB
Sample

230131-qan2faac7s
MD5

f6802a45a09c3b62b2d59bc30f4c0eb1
SHA1

66b7672e5520c62398a3374ed935786111889126
SHA256

6dfad8c5a6a3e85dd5b9f9aab41729320774b7afe0494b05fbb7627a6e59df75
SHA512

3c43248506b87c258208e7417d66077a5d2793f2839bd42236e7b0506527e8cfc028f8977d31e3331e2ff4c088e137bd56f9ebf0caab809a8634c2c1a50cf61e
SSDEEP

24576:sikjPg+4QceLhb6fMYaq4RPaOFmyjAjX:Bk0YBq6fjqX

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675161160

C2

114.143.176.234:443

88.126.94.4:50000

103.252.7.228:443

87.10.205.117:443

82.15.58.109:2222

72.80.7.6:995

90.162.45.154:2222

47.34.30.133:443

50.68.204.71:993

112.141.184.246:995

73.165.119.20:443

91.169.12.198:32100

173.18.126.3:443

87.56.238.53:443

85.241.180.94:443

12.172.173.82:50001

92.154.17.149:2222

103.42.86.246:995

12.172.173.82:990

91.254.132.23:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  1.dll
- Size
  
  798KB
- MD5
  
  f6802a45a09c3b62b2d59bc30f4c0eb1
- SHA1
  
  66b7672e5520c62398a3374ed935786111889126
- SHA256
  
  6dfad8c5a6a3e85dd5b9f9aab41729320774b7afe0494b05fbb7627a6e59df75
- SHA512
  
  3c43248506b87c258208e7417d66077a5d2793f2839bd42236e7b0506527e8cfc028f8977d31e3331e2ff4c088e137bd56f9ebf0caab809a8634c2c1a50cf61e
- SSDEEP
  
  24576:sikjPg+4QceLhb6fMYaq4RPaOFmyjAjX:Bk0YBq6fjqX
Score

10^/10

qakbot bb12 1675161160 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2