qakbot | f084d87078a1e4b0ee208539c53e4853a52b5698e98f0578d7c12948e3831a68

General

Target

r.png
Size

1.7MB
Sample

230203-zh861see4z
MD5

69db4be25c1611c17e00603c6aa2e8bb
SHA1

4044d9b57187ff5179f0d4cc51e849de57c73ded
SHA256

f084d87078a1e4b0ee208539c53e4853a52b5698e98f0578d7c12948e3831a68
SHA512

1fb9df575228442f941f5c568a105f4305f046229b3f076691d87ef7bd7f88d3e0ba2906d67d3dc8a6fa724b7e89186d979381de24dd48752313a1c958280418
SSDEEP

24576:nrj3nPW3ednWPiT8VTBqcATV8KIyydLXGcq8z+0uaEYmgE7v99de7:f3nCeCiT8aHxyM18z+XatEh9de

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675417198

C2

12.172.173.82:995

12.172.173.82:2087

50.68.204.71:443

84.215.202.22:443

98.175.176.254:995

184.155.91.69:443

50.68.186.195:443

183.87.163.165:443

172.248.42.122:443

93.156.100.20:443

102.156.32.143:443

50.60.157.175:995

75.143.236.149:443

69.133.162.35:443

105.184.159.165:995

130.43.172.217:2222

82.36.36.76:443

73.223.248.31:443

202.142.98.62:443

73.161.176.218:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  r.png
- Size
  
  1.7MB
- MD5
  
  69db4be25c1611c17e00603c6aa2e8bb
- SHA1
  
  4044d9b57187ff5179f0d4cc51e849de57c73ded
- SHA256
  
  f084d87078a1e4b0ee208539c53e4853a52b5698e98f0578d7c12948e3831a68
- SHA512
  
  1fb9df575228442f941f5c568a105f4305f046229b3f076691d87ef7bd7f88d3e0ba2906d67d3dc8a6fa724b7e89186d979381de24dd48752313a1c958280418
- SSDEEP
  
  24576:nrj3nPW3ednWPiT8VTBqcATV8KIyydLXGcq8z+0uaEYmgE7v99de7:f3nCeCiT8aHxyM18z+XatEh9de
Score

10^/10

qakbot bb12 1675417198 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2