qakbot | 32d913660944a250e8a8047ed8f6084d68b670198fe17982b6df763a9eefa5de

General

Target

Mesencephalon.andreaeaAndroid
Size

597KB
Sample

230406-xzdqbsgg2w
MD5

4ca2399ec2a1b2b81956156c71f49184
SHA1

81cd9dd7b52663cf347fe464c9e7d24f5ac2eced
SHA256

32d913660944a250e8a8047ed8f6084d68b670198fe17982b6df763a9eefa5de
SHA512

0c2e2656afac7613fe956c9fb6471473aa3e6b37dadf262eb52e28679a36fcfc1efa56792881be4ed325a3c54b5a267d4ce7735fd0b84103c98710bc33ca5391
SSDEEP

12288:PmELFoLbESp2/+GdFbvTR49hZlALJmGW2qVCNKrEb:/FobGjR49lIJmGHqUNK

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680772777

C2

83.77.208.166:2222

47.205.25.170:443

12.172.173.82:995

24.236.90.196:2078

75.109.111.89:443

45.50.233.214:443

86.209.8.236:2222

92.154.17.149:2222

59.153.96.4:443

91.82.133.190:443

197.92.131.255:443

103.42.86.42:995

12.172.173.82:21

73.36.196.11:443

77.126.11.114:443

103.140.174.20:2222

12.172.173.82:465

119.82.123.160:443

116.72.250.18:443

109.50.143.218:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  Mesencephalon.andreaeaAndroid
- Size
  
  597KB
- MD5
  
  4ca2399ec2a1b2b81956156c71f49184
- SHA1
  
  81cd9dd7b52663cf347fe464c9e7d24f5ac2eced
- SHA256
  
  32d913660944a250e8a8047ed8f6084d68b670198fe17982b6df763a9eefa5de
- SHA512
  
  0c2e2656afac7613fe956c9fb6471473aa3e6b37dadf262eb52e28679a36fcfc1efa56792881be4ed325a3c54b5a267d4ce7735fd0b84103c98710bc33ca5391
- SSDEEP
  
  12288:PmELFoLbESp2/+GdFbvTR49hZlALJmGW2qVCNKrEb:/FobGjR49lIJmGHqUNK
Score

10^/10

qakbot bb22 1680772777 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2