qakbot | 024630c0af7e0af46dd856451e7a382f3a0975e94153e710249bd6a64934dfa8

General

Target

3.gif.dll
Size

521KB
Sample

230202-t3g1dada9w
MD5

5d4700394df5f8e2628749b829053a7c
SHA1

aef6363b6d8e38e646928eb9a057461aff981dff
SHA256

024630c0af7e0af46dd856451e7a382f3a0975e94153e710249bd6a64934dfa8
SHA512

a982803b309076fd6102861cc737a6783cafadc0794cf2442466e98574d72f60245563cdc5b188cf3670b4f4c315826360f3a7c1426a5075ae119f312ed50b90
SSDEEP

12288:ldu4vzN4CtsMWsbw2Nx0sgEv91zQ26KZ9eY7b5ruC:7vzLtsUbw2Nx0sgunXxB9p

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675352134

C2

213.67.255.57:2222

86.96.72.139:2222

119.82.122.226:443

86.96.34.182:2222

12.172.173.82:50001

107.146.12.26:2222

97.116.78.96:443

47.61.70.188:2078

197.148.17.17:2078

82.127.204.82:2222

82.121.195.187:2222

73.155.10.79:443

91.231.173.199:995

86.196.12.21:2222

90.78.51.182:2222

90.165.109.4:2222

202.186.177.88:443

92.27.86.48:2222

88.171.156.150:50000

78.130.215.67:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  3.gif.dll
- Size
  
  521KB
- MD5
  
  5d4700394df5f8e2628749b829053a7c
- SHA1
  
  aef6363b6d8e38e646928eb9a057461aff981dff
- SHA256
  
  024630c0af7e0af46dd856451e7a382f3a0975e94153e710249bd6a64934dfa8
- SHA512
  
  a982803b309076fd6102861cc737a6783cafadc0794cf2442466e98574d72f60245563cdc5b188cf3670b4f4c315826360f3a7c1426a5075ae119f312ed50b90
- SSDEEP
  
  12288:ldu4vzN4CtsMWsbw2Nx0sgEv91zQ26KZ9eY7b5ruC:7vzLtsUbw2Nx0sgunXxB9p
Score

10^/10

qakbot bb12 1675352134 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

2

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2