qakbot | 41da9355b1137296861187c51515f019cb358ce493136c54a60d1c1d8bf98ed9

General

Target

41da9355b1137296861187c51515f019cb358ce493136c54a60d1c1d8bf98ed9
Size

1.1MB
Sample

230612-xmb1zadc95
MD5

fde3e9bb6886fcf55a2c6e13f87967b8
SHA1

706f36fcc8e4c40da57092c0d22ed8d047b3399a
SHA256

41da9355b1137296861187c51515f019cb358ce493136c54a60d1c1d8bf98ed9
SHA512

3106864317600d3424e18d062d069e60d4d48c3d0a05cd8ee5d4c632d02a07a00ab5236aa68c8bfb978d8cdf6a4ba7193a3044e23edc22dedd3cd18c2d544f09
SSDEEP

24576:N/QKBLJ2TutS+yAFHBdfuwufXJFeZahuC9T6r57hoYNtwj:eRgqLMZc9TY57Oetwj

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.476

Botnet

BB20

Campaign

1679552371

C2

86.225.214.138:2222

49.175.72.7:443

99.252.190.205:2222

102.158.63.36:443

92.186.69.229:2222

216.36.153.248:443

72.205.104.134:443

103.140.174.20:2222

98.145.23.67:443

124.246.122.199:2222

223.167.12.241:995

45.50.233.214:443

12.172.173.82:993

95.242.101.251:995

190.199.184.114:2222

2.82.8.80:443

104.35.24.154:443

184.176.35.223:2222

91.2.135.211:995

12.172.173.82:22

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  41da9355b1137296861187c51515f019cb358ce493136c54a60d1c1d8bf98ed9
- Size
  
  1.1MB
- MD5
  
  fde3e9bb6886fcf55a2c6e13f87967b8
- SHA1
  
  706f36fcc8e4c40da57092c0d22ed8d047b3399a
- SHA256
  
  41da9355b1137296861187c51515f019cb358ce493136c54a60d1c1d8bf98ed9
- SHA512
  
  3106864317600d3424e18d062d069e60d4d48c3d0a05cd8ee5d4c632d02a07a00ab5236aa68c8bfb978d8cdf6a4ba7193a3044e23edc22dedd3cd18c2d544f09
- SSDEEP
  
  24576:N/QKBLJ2TutS+yAFHBdfuwufXJFeZahuC9T6r57hoYNtwj:eRgqLMZc9TY57Oetwj
Score

10^/10

qakbot bb20 1679552371 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2