qakbot | 8b7ff202ba89e24bc59661349c40b803b5cd02fc86269f8f2c02c5b4a9a7c2a1

General

Target

x.zip
Size

235KB
Sample

230214-wnpg1sfb39
MD5

638b0d5cfba31d39335e694481f2dd41
SHA1

9bc537a9ae93b4b78abbaf18c35c1570ca85bb23
SHA256

8b7ff202ba89e24bc59661349c40b803b5cd02fc86269f8f2c02c5b4a9a7c2a1
SHA512

8cd135dd472be2bad017e8d9c8ffb00461b62ea3d9c860bf054250e19a91173ebf36d25af06e465274de1a6c4fde3804b664f2d919bcc4b253a2c3208fddaf83
SSDEEP

6144:CvbfvaZVmweOXxOPtmRyjMDWCO8mk9jCLg5SG+vNh/a6:GvaZBRXx6EDWCpYJvNhi6

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

tok01

Campaign

1676371257

C2

182.180.105.242:443

87.149.176.97:443

85.59.61.52:2222

216.228.41.244:2222

174.58.146.57:443

103.42.86.110:995

147.219.4.194:443

89.32.157.195:995

76.80.180.154:995

79.67.165.149:995

71.31.101.183:443

198.2.51.242:993

88.111.182.118:2222

72.203.216.98:2222

72.80.7.6:995

12.172.173.82:32101

50.68.204.71:995

209.142.97.83:995

82.121.195.187:2222

81.229.117.95:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  x.bat
- Size
  
  24B
- MD5
  
  4c761c8d5cfa48b9e24ca8759aa5bd6f
- SHA1
  
  aa0ad683e37d9570dacd74734c2866c480d78547
- SHA256
  
  4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3
- SHA512
  
  3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9
Score

10^/10

qakbot tok01 1676371257 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2