qakbot | 51d17f7aa499bf8ccb6d4739ca2040da389c4c908ba315ac93f3e853a7b681e7

General

Target

2f90000.dll
Size

140KB
Sample

230214-yeemkafg58
MD5

20f304bc5c765e6bb7f9cdeaaace6303
SHA1

83586d40ac23c540879dcdad6bc3be2e349930bf
SHA256

51d17f7aa499bf8ccb6d4739ca2040da389c4c908ba315ac93f3e853a7b681e7
SHA512

8be02aa9fb4936807fcf15abbbdf03e0a761700fbb70dcecfe6e48277656bc775ad82399bd6d17b7f65003aef3ff636f99381720ab5f95932844fc513ce4c881
SSDEEP

3072:GySCR7EjSC039FFClajmDUUAfJ9UnNuHTBfPWGK:GQEjSC0NTCZDUBfJ6nQHTBHWG

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675417198

C2

12.172.173.82:995

12.172.173.82:2087

50.68.204.71:443

84.215.202.22:443

98.175.176.254:995

184.155.91.69:443

50.68.186.195:443

183.87.163.165:443

172.248.42.122:443

93.156.100.20:443

102.156.32.143:443

50.60.157.175:995

75.143.236.149:443

69.133.162.35:443

105.184.159.165:995

130.43.172.217:2222

82.36.36.76:443

73.223.248.31:443

202.142.98.62:443

73.161.176.218:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  2f90000.dll
- Size
  
  140KB
- MD5
  
  20f304bc5c765e6bb7f9cdeaaace6303
- SHA1
  
  83586d40ac23c540879dcdad6bc3be2e349930bf
- SHA256
  
  51d17f7aa499bf8ccb6d4739ca2040da389c4c908ba315ac93f3e853a7b681e7
- SHA512
  
  8be02aa9fb4936807fcf15abbbdf03e0a761700fbb70dcecfe6e48277656bc775ad82399bd6d17b7f65003aef3ff636f99381720ab5f95932844fc513ce4c881
- SSDEEP
  
  3072:GySCR7EjSC039FFClajmDUUAfJ9UnNuHTBfPWGK:GQEjSC0NTCZDUBfJ6nQHTBHWG
Score

10^/10

qakbot bb12 1675417198 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2