qakbot | c9cca7ebd18e88aa627878060735db234b26104c19fff55aab6b651e35196e33

General

Target

me97U.dat
Size

860KB
Sample

230320-s9baqsgc5y
MD5

71af65171b500352fcf6e2e0d35462f2
SHA1

8e60346a8f8344cd9e755113b2e94981a2424d68
SHA256

c9cca7ebd18e88aa627878060735db234b26104c19fff55aab6b651e35196e33
SHA512

2f41ddb99c009ae52f942148068e004308c64972f8d9ef91c228613dd5fa38ba5127da6ae8c9f4446a1729dd7518bc809b3739796ab0f4169495286c27bfdc47
SSDEEP

24576:i9sT4ppMP7Empue12E35Tdkq0aljWrHnl5oPhepzGIrx1lA0ijNl:bQOD0nEZAl/iX

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.450

Botnet

obama244

Campaign

1679299070

C2

116.75.63.17:443

136.244.25.165:443

184.153.132.82:443

217.165.247.145:2222

35.143.97.145:995

86.98.17.65:443

49.245.95.124:2222

47.34.30.133:443

92.149.250.113:2222

92.186.69.229:2222

86.195.14.72:2222

92.154.45.81:2222

69.119.123.159:2222

64.237.245.195:443

58.186.75.42:443

178.152.121.81:443

12.172.173.82:465

125.99.69.178:443

98.222.212.149:443

175.156.65.126:2222

Targets

- Target
  
  me97U.dat
- Size
  
  860KB
- MD5
  
  71af65171b500352fcf6e2e0d35462f2
- SHA1
  
  8e60346a8f8344cd9e755113b2e94981a2424d68
- SHA256
  
  c9cca7ebd18e88aa627878060735db234b26104c19fff55aab6b651e35196e33
- SHA512
  
  2f41ddb99c009ae52f942148068e004308c64972f8d9ef91c228613dd5fa38ba5127da6ae8c9f4446a1729dd7518bc809b3739796ab0f4169495286c27bfdc47
- SSDEEP
  
  24576:i9sT4ppMP7Empue12E35Tdkq0aljWrHnl5oPhepzGIrx1lA0ijNl:bQOD0nEZAl/iX
Score

10^/10

qakbot obama244 1679299070 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2