qakbot | 763db063d5f7e823e7448e987c506c55b7ab127d5e0309ba00daff8ce7376f4c

General

Target

c5c41839a4bb461178bee23fea74a13ac3aa0d94310b8f296e8596e4c908c354
Size

341KB
Sample

230410-s6e5hsec97
MD5

cf52bfedbeca0effc37a73f90cd285ad
SHA1

2778083b80f574136032c457e9a3370dc81cf8d7
SHA256

763db063d5f7e823e7448e987c506c55b7ab127d5e0309ba00daff8ce7376f4c
SHA512

13fd87e98c761263088fd098013eb66b77b7f08eabf04ed1f3314181770f034d90a0669fadfc2a6b08ddfb310239644b5afc97f36463b770edf4d7089ed03aaa
SSDEEP

6144:BWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wP73iEd:3WpEjHcXWG/dW191EaWf2aneSowjFd

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680688614

C2

209.93.207.224:2222

90.93.132.149:2222

109.11.175.42:2222

12.172.173.82:993

86.195.14.72:2222

82.121.195.187:2222

88.122.133.88:32100

86.154.216.221:2222

91.82.133.190:443

197.3.198.241:443

70.112.206.5:443

12.172.173.82:50001

103.123.223.141:443

103.141.50.102:995

201.244.108.183:995

183.87.163.165:443

76.178.148.107:2222

96.87.28.170:2222

76.80.180.154:993

92.189.214.236:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  c5c41839a4bb461178bee23fea74a13ac3aa0d94310b8f296e8596e4c908c354
- Size
  
  589KB
- MD5
  
  8bc8cbdb542d8d42bb25f94e5d0689b0
- SHA1
  
  1a8754d915722336188a508abec359296dfa3f32
- SHA256
  
  c5c41839a4bb461178bee23fea74a13ac3aa0d94310b8f296e8596e4c908c354
- SHA512
  
  0046b064451bf2797df84d32027911f628d9e70068e891e7c85cf8a860ddd6bddb3517c60d70daf6ce60a6ac232e921460d9a3d58a5b5fb66c0394b597531f93
- SSDEEP
  
  6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score

10^/10

qakbot bb22 1680688614 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2