qakbot | e97d0fef27fe3e831bd23cf2ac654f06bf9ec2f2d3a59593431d62e3d15b878d

General

Target

parallax-systems.com.dll
Size

524KB
Sample

230310-w8yanagf8y
MD5

c3c2565c1401b5a436291df479ae7d28
SHA1

59fde9dcf2b51d6f4e07068f31f54ec5248bf4b6
SHA256

e97d0fef27fe3e831bd23cf2ac654f06bf9ec2f2d3a59593431d62e3d15b878d
SHA512

a322cded7846a9d5b6b848287dab128607c17e4ed43983b68f396839eb39e4d6379d4bf8d5278bc09fd88e183f3de0e7dfe37d9a5879291e9fef37d64d33ad14
SSDEEP

6144:9kIzvcd6bpkttJtlXWPFuXwkj2Zlx2Un8sLjA:mgcbttDlXWPkwkj4xLtLjA

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.226

Botnet

BB18

Campaign

1678346017

C2

114.143.176.235:443

92.154.17.149:2222

2.14.45.117:2222

84.108.200.161:443

109.11.175.42:2222

88.126.94.4:50000

87.202.101.164:50000

50.68.204.71:995

49.245.82.178:2222

12.172.173.82:32101

190.11.198.76:443

79.67.165.149:995

115.87.227.49:443

84.215.202.22:443

118.250.110.98:995

66.131.25.6:443

80.1.152.201:443

198.2.51.242:993

151.48.158.236:443

50.68.204.71:993

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  parallax-systems.com.dll
- Size
  
  524KB
- MD5
  
  c3c2565c1401b5a436291df479ae7d28
- SHA1
  
  59fde9dcf2b51d6f4e07068f31f54ec5248bf4b6
- SHA256
  
  e97d0fef27fe3e831bd23cf2ac654f06bf9ec2f2d3a59593431d62e3d15b878d
- SHA512
  
  a322cded7846a9d5b6b848287dab128607c17e4ed43983b68f396839eb39e4d6379d4bf8d5278bc09fd88e183f3de0e7dfe37d9a5879291e9fef37d64d33ad14
- SSDEEP
  
  6144:9kIzvcd6bpkttJtlXWPFuXwkj2Zlx2Un8sLjA:mgcbttDlXWPkwkj4xLtLjA
Score

10^/10

qakbot bb18 1678346017 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2