qakbot | 26a5c35034800e786a979358b4cd86cc15ddef9abdf711fd2d3cd38ba59ee4c2

General

Target

1.png.dll
Size

464KB
Sample

230203-kv1yvadd92
MD5

4a1fbd71010494ad1cb579cd6c395c80
SHA1

fd97b9875641a5eb8b95b716fb17d1d36ff81afd
SHA256

26a5c35034800e786a979358b4cd86cc15ddef9abdf711fd2d3cd38ba59ee4c2
SHA512

0de3b1d693ccc0053ddeb2dc15bb5f0f3bcea47ee3168f8e37202b52bbee482ba1385827954200e814f9c418d4c946dd2b5262ca9984a45075410fbce2bcb79d
SSDEEP

6144:C3P9EKUug7ptz0KE05TG2mLsh0H7wiWsxhQsjdDKlos8Wno8Kdygm/K+VybKK:iEKU/I8kLFUi/sRJKYK+4bKK

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675352134

C2

213.67.255.57:2222

86.96.72.139:2222

119.82.122.226:443

86.96.34.182:2222

12.172.173.82:50001

107.146.12.26:2222

97.116.78.96:443

47.61.70.188:2078

197.148.17.17:2078

82.127.204.82:2222

82.121.195.187:2222

73.155.10.79:443

91.231.173.199:995

86.196.12.21:2222

90.78.51.182:2222

90.165.109.4:2222

202.186.177.88:443

92.27.86.48:2222

88.171.156.150:50000

78.130.215.67:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  1.png.dll
- Size
  
  464KB
- MD5
  
  4a1fbd71010494ad1cb579cd6c395c80
- SHA1
  
  fd97b9875641a5eb8b95b716fb17d1d36ff81afd
- SHA256
  
  26a5c35034800e786a979358b4cd86cc15ddef9abdf711fd2d3cd38ba59ee4c2
- SHA512
  
  0de3b1d693ccc0053ddeb2dc15bb5f0f3bcea47ee3168f8e37202b52bbee482ba1385827954200e814f9c418d4c946dd2b5262ca9984a45075410fbce2bcb79d
- SSDEEP
  
  6144:C3P9EKUug7ptz0KE05TG2mLsh0H7wiWsxhQsjdDKlos8Wno8Kdygm/K+VybKK:iEKU/I8kLFUi/sRJKYK+4bKK
Score

10^/10

qakbot bb12 1675352134 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2