qakbot | abcba267cfb2c8cbd61bbe1d9f154ce6cdd4575f3a055eb0f97cbe7ba9249ac5

General

Target

5bbb237c3a5bd16dd35889fe6b7dac5ef3315f517c0fbd5328b41be0799a3b60
Size

341KB
Sample

230410-s28k9sga2z
MD5

9575b218945ff7d845a1d2d49b60f339
SHA1

1ca557894fc1b695b7346eed791c6b07d09b5b8e
SHA256

abcba267cfb2c8cbd61bbe1d9f154ce6cdd4575f3a055eb0f97cbe7ba9249ac5
SHA512

e0f4ce5b0592a774c8b785223e43295e6226d5a915a442e491c6028c2d4485b9ffc1510af48fb6caa6d9bf78dc2f1232a509449bd7b94bc9609bd5449fcc57e8
SSDEEP

6144:aWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wPlQt:oWpEjHcXWG/dW191EaWf2aneSowNQt

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680688614

C2

209.93.207.224:2222

90.93.132.149:2222

109.11.175.42:2222

12.172.173.82:993

86.195.14.72:2222

82.121.195.187:2222

88.122.133.88:32100

86.154.216.221:2222

91.82.133.190:443

197.3.198.241:443

70.112.206.5:443

12.172.173.82:50001

103.123.223.141:443

103.141.50.102:995

201.244.108.183:995

183.87.163.165:443

76.178.148.107:2222

96.87.28.170:2222

76.80.180.154:993

92.189.214.236:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  5bbb237c3a5bd16dd35889fe6b7dac5ef3315f517c0fbd5328b41be0799a3b60
- Size
  
  580KB
- MD5
  
  aef019590c6b18467b52d8566da497d4
- SHA1
  
  e73b1f459cb640c1f5ccba5553662341ac57bf9f
- SHA256
  
  5bbb237c3a5bd16dd35889fe6b7dac5ef3315f517c0fbd5328b41be0799a3b60
- SHA512
  
  ae5336510b2d6cb409da73a97610663d596ddb1bc8a47eac13e0f0088face4a7b37c58bbf4c37bb304bce3dfc8f6b4d647aa872fba6248f3ee8b4e5d7f6c2dd9
- SSDEEP
  
  6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score

10^/10

qakbot bb22 1680688614 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2