qakbot | f4ba8fc7b44b2d0fcb57f4ae899eaf09294cf356ca905aa14684dfcabe8890b1

General

Target

qakbot.zip
Size

361KB
Sample

230325-yvwwsaec44
MD5

277055d657a9c9b35f925ecb5fa999ba
SHA1

1c3fa0746426983cf5b997f21ec9d4c2754ecf7a
SHA256

f4ba8fc7b44b2d0fcb57f4ae899eaf09294cf356ca905aa14684dfcabe8890b1
SHA512

444d892c2bba2f19b7313e28e2c53a3dba0adc9d7273142e57af5219237ab56f1106f03ef1c30052efe913c79f4b36cb4d4215de9c7c547a6cd0c80e7ce68099
SSDEEP

6144:Nrjz0GfyeVUVOpu3J9G8Oa4Q3Ucl0dMOKn8JFudApQtclhBaO:1/FVUD59GY4QEldMSXYUTHBL

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

401.51

Botnet

abc104

Campaign

1606818862

C2

79.119.124.237:443

87.218.53.206:2222

181.169.88.203:443

82.12.157.95:995

94.49.188.240:443

46.124.107.124:6881

86.122.248.164:2222

83.202.68.220:2222

79.129.216.215:2222

37.21.231.245:995

47.187.49.3:2222

2.90.33.130:443

149.28.98.196:995

149.28.99.97:443

45.63.107.192:995

149.28.98.196:2222

45.63.107.192:2222

74.73.27.35:443

149.28.98.196:443

144.202.38.185:2222

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Extracted

Family

qakbot

Version

401.62

Botnet

abc107

Campaign

1607078484

C2

32.212.117.188:443

109.205.204.229:2222

72.36.59.46:2222

173.18.126.193:2222

96.225.88.23:443

89.137.211.239:443

110.142.205.182:443

82.76.47.211:443

193.83.25.177:995

67.40.253.209:995

73.244.83.199:443

2.90.186.243:995

189.252.62.238:995

141.237.135.194:443

82.78.70.128:443

185.125.151.172:443

79.117.239.22:2222

86.189.252.131:2222

83.114.243.80:2222

2.50.56.81:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  qakbot.zip
- Size
  
  361KB
- MD5
  
  277055d657a9c9b35f925ecb5fa999ba
- SHA1
  
  1c3fa0746426983cf5b997f21ec9d4c2754ecf7a
- SHA256
  
  f4ba8fc7b44b2d0fcb57f4ae899eaf09294cf356ca905aa14684dfcabe8890b1
- SHA512
  
  444d892c2bba2f19b7313e28e2c53a3dba0adc9d7273142e57af5219237ab56f1106f03ef1c30052efe913c79f4b36cb4d4215de9c7c547a6cd0c80e7ce68099
- SSDEEP
  
  6144:Nrjz0GfyeVUVOpu3J9G8Oa4Q3Ucl0dMOKn8JFudApQtclhBaO:1/FVUD59GY4QEldMSXYUTHBL
Score

1^/10
behavioral1 behavioral2
- Target
  
  a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60
- Size
  
  294KB
- MD5
  
  118b1050be87b8189692b82df0ae3045
- SHA1
  
  f7ca1686e66866ce961a3b94bbee1d94b962a450
- SHA256
  
  a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60
- SHA512
  
  abe0ae20a6a7a93bdbfe2909185a646b8eae6fdf31de0a1b51f51c79bf845974345448d105cf004e91539dcb81ca6fa504db85b822599a857aeed1f1bb46e5fb
- SSDEEP
  
  3072:D3FMCv2QswnoiglVVcBaQFRmgLo/0S13WCCx2gXaDd3N9eCj6YmVn/XrfbZl:jvv9sMoXBaRmr/dukbvuZ/7fH
Score

10^/10

qakbot abc104 1606818862 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
- Size
  
  2.1MB
- MD5
  
  adfa9e13af7bff7b9304de834dc620e6
- SHA1
  
  1eceee464aefad0708f1e5ddcd0550b25da32fe0
- SHA256
  
  c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
- SHA512
  
  c3e459751cd7d36c6fe6934d03144536a3d0f6f85318bf14f798a6ea9d5bee2adf68cb20d2c9ecf861a9bd96b5fd75750fcf283f8fe17a878f19ab7706692c66
- SSDEEP
  
  3072:DNoM+4+Kci5Cbw8IsklTVhKAgUbV6RWWuZ:DW0NHmt9klHb4
Score

10^/10

qakbot abc107 1607078484 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
- Loads dropped DLL
behavioral5 behavioral6