qakbot | a0dc9d602575ef4a682bb0e9935464b96cc26cc2973730593d06013e595f67c5

General

Target

Malware.zip
Size

281KB
Sample

230203-dapazsab54
MD5

4c93dfa0fd059cab12d39b882cc74115
SHA1

beceacea012810faaf76cce87d66316712bf9c88
SHA256

a0dc9d602575ef4a682bb0e9935464b96cc26cc2973730593d06013e595f67c5
SHA512

e51fd4b5d698f56060a990c193048ad3df5fa5153b6d88cef7b5124dde04db033512783e1289e7300d25ef51eb6f7a672711a48d32c33923b9f6faf1333d4038
SSDEEP

6144:bxaqcuhTcWi3Szlg5s8kS6vEljCfCbn1EDz5K4O99ek7c72N5r6xvPXMv:bg/UTc3d8EJCE1ED1Kr9ek7x5r6xvPXY

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675352134

C2

213.67.255.57:2222

86.96.72.139:2222

119.82.122.226:443

86.96.34.182:2222

12.172.173.82:50001

107.146.12.26:2222

97.116.78.96:443

47.61.70.188:2078

197.148.17.17:2078

82.127.204.82:2222

82.121.195.187:2222

73.155.10.79:443

91.231.173.199:995

86.196.12.21:2222

90.78.51.182:2222

90.165.109.4:2222

202.186.177.88:443

92.27.86.48:2222

88.171.156.150:50000

78.130.215.67:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  RunDLL-1.bat
- Size
  
  28B
- MD5
  
  707a85392304853a2f2c42e1e39cafd4
- SHA1
  
  d5d67d2dbcfa5f4061ca32da36cfbee9f3c2a213
- SHA256
  
  06b1fc756f405efb9f1ef0446bfe9366315ed9e25cfeb98750475e7ed4266161
- SHA512
  
  3cedae886b9a658f0c566226c5633358d8571fc494a95c968d9df08c40183e206eaeae12860e1c56bcaebde236af4a9b885b7b2760edc38ae34780cc463d7416
Score

10^/10

qakbot bb12 1675352134 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2