qakbot | 7e17200c8df5260abb995b32da65dfb50cca19ddc087236865d41f80d7fe1923

Resubmissions

10-02-2023 10:01

230210-l1823shb9s 10

10-02-2023 09:47

230210-lr74esha58 3

Sharing

Copy URL

Twitter E-mail

General

Target

01.png.dll
Size

792KB
Sample

230210-l1823shb9s
MD5

757bb7210f85c61287ea483ffeba6047
SHA1

4e765ed8d01a04d409b3e627e95328057b4a553e
SHA256

7e17200c8df5260abb995b32da65dfb50cca19ddc087236865d41f80d7fe1923
SHA512

d59b760836e7e5246fd1accba41e5eb67d8cc99d9936670f9b7ab19e38e8a1466be179647bfb85eabc0bbb84e4897dc3712f74ca46ad757fcbe87c9f0ca13a91
SSDEEP

24576:bH8Xsmt4vyVjXe1ikZdtjMsc7MscXMscktkTNdi+Y0zs:qefBtkf9zs

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

BB14

Campaign

1675933835

50.20.171.2:443

73.36.196.11:443

12.172.173.82:990

86.225.214.138:2222

67.253.226.137:995

84.108.200.161:443

121.121.100.207:995

86.169.203.116:443

150.107.231.59:2222

201.244.108.183:995

81.111.108.123:443

85.241.180.94:443

37.14.229.220:2222

24.64.112.40:50010

91.68.227.219:443

71.112.212.166:443

82.121.195.187:2222

101.184.161.86:2222

81.157.227.223:2222

103.141.50.102:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  01.png.dll
- Size
  
  792KB
- MD5
  
  757bb7210f85c61287ea483ffeba6047
- SHA1
  
  4e765ed8d01a04d409b3e627e95328057b4a553e
- SHA256
  
  7e17200c8df5260abb995b32da65dfb50cca19ddc087236865d41f80d7fe1923
- SHA512
  
  d59b760836e7e5246fd1accba41e5eb67d8cc99d9936670f9b7ab19e38e8a1466be179647bfb85eabc0bbb84e4897dc3712f74ca46ad757fcbe87c9f0ca13a91
- SSDEEP
  
  24576:bH8Xsmt4vyVjXe1ikZdtjMsc7MscXMscktkTNdi+Y0zs:qefBtkf9zs
Score

10^/10

qakbot bb14 1675933835 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2