qakbot | 0307ab4d314e349614030c4fde71a9d5f0fba388efcc24dd621ccf8466166c8f

General

Target

0307ab4d314e349614030c4fde71a9d5f0fba388efcc24dd621ccf8466166c8f.dll
Size

133KB
Sample

230216-dm9gpafe24
MD5

1274c28cd397874482b003818a1289d1
SHA1

be7c58d18a5d10dd7e3571fe8a7019382fa89b5a
SHA256

0307ab4d314e349614030c4fde71a9d5f0fba388efcc24dd621ccf8466166c8f
SHA512

7f322e636e2d1f4ae143f474674a90388ab410156097334482108f115360e97adf27a5a2ffee418365ba3981a251d6627159acf2699d9901f0468b879762a87c
SSDEEP

3072:SQNbnQ4MnC3pDGCjZJzkWjGRAuJjen68TBfPOo/q:Sp4MnCZCCViWjGauJyn68TBHOo/q

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.510

Botnet

tok01

Campaign

1676453967

C2

75.143.236.149:443

85.61.165.153:2222

103.231.216.238:443

181.118.206.65:995

183.87.163.165:443

98.145.23.67:443

150.107.231.59:2222

122.184.143.82:443

82.127.204.82:2222

136.244.25.165:443

50.68.204.71:443

162.248.14.107:443

114.79.180.14:995

75.98.154.19:443

86.130.9.232:2222

124.122.56.144:443

85.241.180.94:443

2.99.47.198:2222

109.150.179.236:2222

73.29.92.128:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  0307ab4d314e349614030c4fde71a9d5f0fba388efcc24dd621ccf8466166c8f.dll
- Size
  
  133KB
- MD5
  
  1274c28cd397874482b003818a1289d1
- SHA1
  
  be7c58d18a5d10dd7e3571fe8a7019382fa89b5a
- SHA256
  
  0307ab4d314e349614030c4fde71a9d5f0fba388efcc24dd621ccf8466166c8f
- SHA512
  
  7f322e636e2d1f4ae143f474674a90388ab410156097334482108f115360e97adf27a5a2ffee418365ba3981a251d6627159acf2699d9901f0468b879762a87c
- SSDEEP
  
  3072:SQNbnQ4MnC3pDGCjZJzkWjGRAuJjen68TBfPOo/q:Sp4MnCZCCViWjGauJyn68TBHOo/q
Score

10^/10

qakbot tok01 1676453967 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2