qakbot | 8d1f98388a1789c439513fa0f2a656ec6fe3583bfd5909a17fbea24e2511ec60

General

Target

155c6b3720031b85782c32bba1aea3df32ab65522d5d4cc85385bafbc4dc0674
Size

341KB
Sample

230410-s714daed33
MD5

4ade1e9bc60ef8dc403e7984df3c86ad
SHA1

a98d2ef300f291de27169fb6eaa45f1f9e181735
SHA256

8d1f98388a1789c439513fa0f2a656ec6fe3583bfd5909a17fbea24e2511ec60
SHA512

c391185cda7256769ce85c325f26a77755644a42f815a2d597f30e390fa03792c2582bf5428a0062039b97ea522e5c3147e59b30b9264a3c7f874a4a9b5a3529
SSDEEP

6144:hWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wPdw9/L:XWpEjHcXWG/dW191EaWf2aneSow1YD

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680688614

C2

209.93.207.224:2222

90.93.132.149:2222

109.11.175.42:2222

12.172.173.82:993

86.195.14.72:2222

82.121.195.187:2222

88.122.133.88:32100

86.154.216.221:2222

91.82.133.190:443

197.3.198.241:443

70.112.206.5:443

12.172.173.82:50001

103.123.223.141:443

103.141.50.102:995

201.244.108.183:995

183.87.163.165:443

76.178.148.107:2222

96.87.28.170:2222

76.80.180.154:993

92.189.214.236:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  155c6b3720031b85782c32bba1aea3df32ab65522d5d4cc85385bafbc4dc0674
- Size
  
  597KB
- MD5
  
  9dde5f19152f6d8b54605a47a5c743b7
- SHA1
  
  1a64e7e48823145abb03c85fc02b91ed65ebc9b2
- SHA256
  
  155c6b3720031b85782c32bba1aea3df32ab65522d5d4cc85385bafbc4dc0674
- SHA512
  
  7363b231f7f89a08e7a87430375c663d8b1d1b6989bf8d4f4d6bfcc07f74a92673162e901456bba64a7b28b72b4172d03c1e66f0bc8b50856efca01c996d7aab
- SSDEEP
  
  6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score

10^/10

qakbot bb22 1680688614 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2