qakbot | 66416ebc59241a78024b8fa0b8fc376d66ed5e0f818aebccf8260c6a51bae9fd

Resubmissions

20-03-2023 20:02

230320-ysakrsfb83 3

20-03-2023 16:15

230320-tp8wyagd5v 10

20-03-2023 15:02

230320-sef8hagb2v 3

Sharing

Copy URL

Twitter E-mail

General

Target

ConvertiblyBriskish.dll
Size

869KB
Sample

230320-tp8wyagd5v
MD5

33c6c81620ad583916379499e47da4e0
SHA1

a1f947fad1f40273496f0a9c469e624d04fbe63a
SHA256

66416ebc59241a78024b8fa0b8fc376d66ed5e0f818aebccf8260c6a51bae9fd
SHA512

7138a97b701bcfd596f4e9932ea98fef0c6a6b57a250b3e9db654475acd53aca2b2773b844b83a00afb1217efa241cc3018727b4f3870061066d9b21a705947a
SSDEEP

24576:D9sT4pp4P7Empue12E35Tdkq0aljWrHnl5oPhepzGIrx1lA0id6H/Ne:2QeD0nEZAl/i

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.450

Botnet

BB19

Campaign

1679045844

202.142.98.62:443

50.68.204.71:995

81.229.117.95:2222

103.140.174.19:2222

47.34.30.133:443

76.170.252.153:995

183.87.163.165:443

81.133.163.79:2222

83.92.85.93:443

85.241.180.94:443

144.64.226.144:443

76.80.180.154:995

103.42.86.110:995

12.172.173.82:995

24.117.237.157:443

35.143.97.145:995

91.254.229.61:443

74.58.71.237:443

64.237.245.195:443

45.50.233.214:443

Targets

- Target
  
  ConvertiblyBriskish.dll
- Size
  
  869KB
- MD5
  
  33c6c81620ad583916379499e47da4e0
- SHA1
  
  a1f947fad1f40273496f0a9c469e624d04fbe63a
- SHA256
  
  66416ebc59241a78024b8fa0b8fc376d66ed5e0f818aebccf8260c6a51bae9fd
- SHA512
  
  7138a97b701bcfd596f4e9932ea98fef0c6a6b57a250b3e9db654475acd53aca2b2773b844b83a00afb1217efa241cc3018727b4f3870061066d9b21a705947a
- SSDEEP
  
  24576:D9sT4pp4P7Empue12E35Tdkq0aljWrHnl5oPhepzGIrx1lA0id6H/Ne:2QeD0nEZAl/i
Score

10^/10

qakbot bb19 1679045844 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2