qakbot | 1b4d0f06c0c8a5c010215df7557183e6246468126a242f4a96560af4634ba6ff

General

Target

1b4d0f06c0c8a5c010215df7557183e6246468126a242f4a96560af4634ba6ff
Size

248KB
Sample

230405-vze72sad9z
MD5

df49681ef6c61494d99bc40c1525ecee
SHA1

0fa5976f39c57a8d30da1998480f39b7e170d848
SHA256

1b4d0f06c0c8a5c010215df7557183e6246468126a242f4a96560af4634ba6ff
SHA512

b3ca7c0a9640a72a77f67a38a3f97c8735138996aa42d3a6e51fbc2b20003195823419a512a8990ed4259d3b9e06f2bf314af6cc1c4d831fe31d3f63dcc32f6e
SSDEEP

6144:Ie73XJK8VCoxyusKqXk3gykDeTyFdchqbhIf:pJJCjKzQCyEMbhu

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

obama248

Campaign

1680678672

C2

59.28.84.65:443

41.96.194.114:443

72.200.109.104:443

122.186.210.254:443

103.144.201.53:2078

90.211.192.113:443

92.97.115.255:2222

112.222.83.147:6881

105.225.50.146:995

103.42.86.42:995

87.243.146.59:443

47.199.241.39:443

12.172.173.82:20

162.248.14.107:443

71.31.100.192:443

84.155.13.118:995

67.10.2.240:995

176.142.207.63:443

70.160.80.210:443

103.111.70.66:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  1b4d0f06c0c8a5c010215df7557183e6246468126a242f4a96560af4634ba6ff
- Size
  
  248KB
- MD5
  
  df49681ef6c61494d99bc40c1525ecee
- SHA1
  
  0fa5976f39c57a8d30da1998480f39b7e170d848
- SHA256
  
  1b4d0f06c0c8a5c010215df7557183e6246468126a242f4a96560af4634ba6ff
- SHA512
  
  b3ca7c0a9640a72a77f67a38a3f97c8735138996aa42d3a6e51fbc2b20003195823419a512a8990ed4259d3b9e06f2bf314af6cc1c4d831fe31d3f63dcc32f6e
- SSDEEP
  
  6144:Ie73XJK8VCoxyusKqXk3gykDeTyFdchqbhIf:pJJCjKzQCyEMbhu
Score

10^/10

qakbot obama248 1680678672 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2