qakbot | 244cb8aa626e0a7459395548f3e9dd761465212caf1682a82bd7e49bd7554618

General

Target

140000.dll
Size

140KB
Sample

230202-rte4baha8w
MD5

fb64c12c918b7ad12383a25c846051f7
SHA1

52be47d61c97a93ec1310e5e6a921601e28158d1
SHA256

244cb8aa626e0a7459395548f3e9dd761465212caf1682a82bd7e49bd7554618
SHA512

96f9cdd0238ea3e45005f7e991db7f382004648930bf54f006f88adca8c74c9d8d1bb80ddc857853ab08aef5bd2aa4d0f17c6897599e26f35d06db64cb853c62
SSDEEP

3072:/ySCR7EjSC039FFClajmDUUAfJ9UnsHTBfPbGS:/QEjSC0NTCZDUBfJ6nsHTBHbG

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.430

Botnet

BB12

Campaign

1675090602

C2

24.9.220.167:443

92.239.81.124:443

12.172.173.82:32101

162.248.14.107:443

213.31.90.183:2222

217.128.200.114:2222

71.31.101.183:443

81.229.117.95:2222

184.68.116.146:2222

86.130.9.183:2222

92.154.45.81:2222

70.64.77.115:443

24.71.120.191:443

86.225.214.138:2222

86.165.225.227:2222

172.90.139.138:2222

92.207.132.174:2222

70.160.80.210:443

58.162.223.233:443

47.61.70.188:2078

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  140000.dll
- Size
  
  140KB
- MD5
  
  fb64c12c918b7ad12383a25c846051f7
- SHA1
  
  52be47d61c97a93ec1310e5e6a921601e28158d1
- SHA256
  
  244cb8aa626e0a7459395548f3e9dd761465212caf1682a82bd7e49bd7554618
- SHA512
  
  96f9cdd0238ea3e45005f7e991db7f382004648930bf54f006f88adca8c74c9d8d1bb80ddc857853ab08aef5bd2aa4d0f17c6897599e26f35d06db64cb853c62
- SSDEEP
  
  3072:/ySCR7EjSC039FFClajmDUUAfJ9UnsHTBfPbGS:/QEjSC0NTCZDUBfJ6nsHTBHbG
Score

10^/10

qakbot bb12 1675090602 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2