qakbot | 8d70551dbff3cdabbe2633b02ee4bf1ae31ab63c33abeeda474bd3fce74baf49

General

Target

8d70551dbff3cdabbe2633b02ee4bf1ae31ab63c33abeeda474bd3fce74baf49
Size

564KB
Sample

230511-xws1vaab64
MD5

80d5078dae0d31bed174c251e1d59b10
SHA1

ef7b9e414abf37a3b37c304d7b733d9f8a8adacf
SHA256

8d70551dbff3cdabbe2633b02ee4bf1ae31ab63c33abeeda474bd3fce74baf49
SHA512

07f18cf4645fc2454730febba6c2c71fb98516eaae4a4444fe62d289fd5e3d7f04209108260b6d013569f62c026e1c2c79d99b5843f55803328ab8289d9fdcf6
SSDEEP

12288:t1YEpoSVWkaD25m+RTLQwx7Y+g3D7exbnbq5cuzVtTVG:t1xp374mLbx7jg3fobnbkzVtTU

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.919

Botnet

obama250

Campaign

1681195951

C2

71.38.155.217:443

81.101.185.146:443

86.195.14.72:2222

112.222.83.147:6881

94.5.98.77:443

87.243.146.59:443

190.78.69.250:2222

50.68.204.71:995

184.182.66.109:443

70.28.50.223:32100

83.114.60.6:2222

89.129.109.27:2222

80.12.88.148:2222

74.66.134.24:443

86.130.9.222:2222

12.172.173.82:21

73.36.196.11:443

12.172.173.82:465

186.64.67.25:443

2.36.64.159:2078

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  8d70551dbff3cdabbe2633b02ee4bf1ae31ab63c33abeeda474bd3fce74baf49
- Size
  
  564KB
- MD5
  
  80d5078dae0d31bed174c251e1d59b10
- SHA1
  
  ef7b9e414abf37a3b37c304d7b733d9f8a8adacf
- SHA256
  
  8d70551dbff3cdabbe2633b02ee4bf1ae31ab63c33abeeda474bd3fce74baf49
- SHA512
  
  07f18cf4645fc2454730febba6c2c71fb98516eaae4a4444fe62d289fd5e3d7f04209108260b6d013569f62c026e1c2c79d99b5843f55803328ab8289d9fdcf6
- SSDEEP
  
  12288:t1YEpoSVWkaD25m+RTLQwx7Y+g3D7exbnbq5cuzVtTVG:t1xp374mLbx7jg3fobnbkzVtTU
Score

10^/10

qakbot obama250 1681195951 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2