qakbot | 45fbfb9658cbfd1fe2fa102cf05bd38f458864e3f39f2c72dc4b073b114a2e24

General

Target

45fbfb9658cbfd1fe2fa102cf05bd38f458864e3f39f2c72dc4b073b114a2e24.dll
Size

336KB
Sample

230419-ljqt6sbe41
MD5

64ad73dd7f791257e336a550338a7e96
SHA1

e94fa4a9217a51488f688aaa6ab84d23ba4529af
SHA256

45fbfb9658cbfd1fe2fa102cf05bd38f458864e3f39f2c72dc4b073b114a2e24
SHA512

117a67c89669783243f01686705f6f4ea9c4aa01b973a47037b7d85d3f932ac881eccd938be2690bab7d24fb737b56b6269467ecc367d45da11f5f3faa22bfc2
SSDEEP

6144:rGpptTq76Et/NPHn1PdjxFJwMoW9vTWF5K6bVt2Eyfs/nqlbbHyx2f8qo+AwrOE:rG7Nq76qPVltfTvTWF5K6zPyfsyZ+x29

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.919

Botnet

BB23

Campaign

1681291772

C2

101.184.134.98:2222

23.30.22.225:993

104.35.24.154:443

85.2.185.70:2222

14.192.241.76:995

47.196.225.236:443

78.92.133.215:443

176.202.45.209:443

174.118.63.123:443

84.35.26.14:995

86.171.191.31:443

103.141.50.79:995

213.67.139.53:2222

172.115.17.50:443

198.2.51.242:993

69.133.162.35:443

58.162.223.233:443

91.169.12.198:32100

47.21.51.138:443

35.143.97.145:995

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  45fbfb9658cbfd1fe2fa102cf05bd38f458864e3f39f2c72dc4b073b114a2e24.dll
- Size
  
  336KB
- MD5
  
  64ad73dd7f791257e336a550338a7e96
- SHA1
  
  e94fa4a9217a51488f688aaa6ab84d23ba4529af
- SHA256
  
  45fbfb9658cbfd1fe2fa102cf05bd38f458864e3f39f2c72dc4b073b114a2e24
- SHA512
  
  117a67c89669783243f01686705f6f4ea9c4aa01b973a47037b7d85d3f932ac881eccd938be2690bab7d24fb737b56b6269467ecc367d45da11f5f3faa22bfc2
- SSDEEP
  
  6144:rGpptTq76Et/NPHn1PdjxFJwMoW9vTWF5K6bVt2Eyfs/nqlbbHyx2f8qo+AwrOE:rG7Nq76qPVltfTvTWF5K6zPyfsyZ+x29
Score

10^/10

qakbot bb23 1681291772 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2