qakbot | 3ce79694fc082218747c0a08d61b601b9f429e2a036b0dc424f31d249cbc0b2e

General

Target

ecb8d5a0b6210baabf95744ae5c2604051cc43a4fb3168c5f9f9b757417c8a2a
Size

341KB
Sample

230519-vtrnwshf8x
MD5

9ac0bf599b3b6da8e033a1a0e6298708
SHA1

90fe33f7dab16c1a2661692649db86ac4bcaad45
SHA256

3ce79694fc082218747c0a08d61b601b9f429e2a036b0dc424f31d249cbc0b2e
SHA512

262e48e08d589fea5cb0dbc6d2d2480eaf36cb6271bf047a944286957cf75a1a5a7db2232e828d8f7124fbfe210ef3991e31afd2b93307b020379b0d89f71479
SSDEEP

6144:RWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wP9w9/M:HWpEjHcXWG/dW191EaWf2aneSow1Yk

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

BB22

Campaign

1680688614

C2

209.93.207.224:2222

90.93.132.149:2222

109.11.175.42:2222

12.172.173.82:993

86.195.14.72:2222

82.121.195.187:2222

88.122.133.88:32100

86.154.216.221:2222

91.82.133.190:443

197.3.198.241:443

70.112.206.5:443

12.172.173.82:50001

103.123.223.141:443

103.141.50.102:995

201.244.108.183:995

183.87.163.165:443

76.178.148.107:2222

96.87.28.170:2222

76.80.180.154:993

92.189.214.236:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  ecb8d5a0b6210baabf95744ae5c2604051cc43a4fb3168c5f9f9b757417c8a2a
- Size
  
  594KB
- MD5
  
  c126e38ce0edc58df08f571cfc01e63f
- SHA1
  
  072e83234f78186c491e930a11d3983af4df8fc2
- SHA256
  
  ecb8d5a0b6210baabf95744ae5c2604051cc43a4fb3168c5f9f9b757417c8a2a
- SHA512
  
  11b7e4cf07550d4ce5d13ccc7099f495d814a26c16c70dbbec678d65fc0e9861e34f7b56845a60073951a9a0755758ea4895d2352dc156974bedac806c266156
- SSDEEP
  
  6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score

10^/10

qakbot bb22 1680688614 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1

T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2