qakbot | 8869ef636622af19b136c0d69f8625bc0e0fb60cb1a4d8066792dc2b7d9936a4

Resubmissions

06-04-2023 20:41

230406-zgyc5afa88 10

06-04-2023 20:41

230406-zglz4aha51 1

06-04-2023 20:40

230406-zf91jafa83 1

06-04-2023 20:40

230406-zfzvkafa78 1

Sharing

Copy URL

Twitter E-mail

General

Target

8869ef636622af19b136c0d69f8625bc0e0fb60cb1a4d8066792dc2b7d9936a4.bin
Size

958KB
Sample

230406-zgyc5afa88
MD5

b57532c33d7fead3105e9312cb544e11
SHA1

725fadbdbcdbd83509da0b46672c0f0bd44288d6
SHA256

8869ef636622af19b136c0d69f8625bc0e0fb60cb1a4d8066792dc2b7d9936a4
SHA512

d74398f1857b61b36b136f216eef9b5d5a50d6c322979edce8ac40f498d5a126d709a2b1beaa15cccdfe7f76fb9d2bac6c8b243e0f5b0393acade64835779cf2
SSDEEP

24576:N7B2XT54Bln2lt2Nqjofsbh3Yz0APZwft0:NEoEh3Y1PSfe

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680772777

83.77.208.166:2222

47.205.25.170:443

12.172.173.82:995

24.236.90.196:2078

75.109.111.89:443

45.50.233.214:443

86.209.8.236:2222

92.154.17.149:2222

59.153.96.4:443

91.82.133.190:443

197.92.131.255:443

103.42.86.42:995

12.172.173.82:21

73.36.196.11:443

77.126.11.114:443

103.140.174.20:2222

12.172.173.82:465

119.82.123.160:443

116.72.250.18:443

109.50.143.218:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  8869ef636622af19b136c0d69f8625bc0e0fb60cb1a4d8066792dc2b7d9936a4.bin
- Size
  
  958KB
- MD5
  
  b57532c33d7fead3105e9312cb544e11
- SHA1
  
  725fadbdbcdbd83509da0b46672c0f0bd44288d6
- SHA256
  
  8869ef636622af19b136c0d69f8625bc0e0fb60cb1a4d8066792dc2b7d9936a4
- SHA512
  
  d74398f1857b61b36b136f216eef9b5d5a50d6c322979edce8ac40f498d5a126d709a2b1beaa15cccdfe7f76fb9d2bac6c8b243e0f5b0393acade64835779cf2
- SSDEEP
  
  24576:N7B2XT54Bln2lt2Nqjofsbh3Yz0APZwft0:NEoEh3Y1PSfe
Score

10^/10

qakbot bb22 1680772777 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2