qakbot | 81e49a38bf964c207c561656295ec4d349c40239342fa59ed761cb4efad9490d

General

Target

4000hz.dat
Size

1.2MB
Sample

230616-nstcrsee4w
MD5

3106a030a6f3083be7e5809727687e4b
SHA1

dcf81a4b10c7d6122fc68253172fef4cf59aebbf
SHA256

81e49a38bf964c207c561656295ec4d349c40239342fa59ed761cb4efad9490d
SHA512

395e086eb3dee1823c2dc2a608bde147387185a889207212c3c9cc29d092ac623ea572c83753deb52d581bfabc3e354a263474a8e2b5669ea4b4b1741eef297a
SSDEEP

24576:KGSbIuGSom9C0k1HH1cqj06uPi2bro8nuuDYmc1WpFgiYnGn6AW:Kf8r9W01Gn6

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686908761

C2

86.176.144.175:2222

86.248.228.57:2078

88.171.156.150:50000

183.87.163.165:443

45.201.208.87:443

74.12.147.205:2222

96.87.28.170:2222

70.28.50.223:32100

220.79.238.82:443

12.172.173.82:995

45.2.61.134:3389

70.160.67.203:443

103.141.50.45:995

88.126.94.4:50000

70.28.50.223:3389

142.181.206.222:2222

51.37.181.9:443

223.166.13.95:995

162.248.14.107:443

95.45.50.93:2222

Targets

- Target
  
  4000hz.dat
- Size
  
  1.2MB
- MD5
  
  3106a030a6f3083be7e5809727687e4b
- SHA1
  
  dcf81a4b10c7d6122fc68253172fef4cf59aebbf
- SHA256
  
  81e49a38bf964c207c561656295ec4d349c40239342fa59ed761cb4efad9490d
- SHA512
  
  395e086eb3dee1823c2dc2a608bde147387185a889207212c3c9cc29d092ac623ea572c83753deb52d581bfabc3e354a263474a8e2b5669ea4b4b1741eef297a
- SSDEEP
  
  24576:KGSbIuGSom9C0k1HH1cqj06uPi2bro8nuuDYmc1WpFgiYnGn6AW:Kf8r9W01Gn6
Score

10^/10

qakbot bb32 1686908761 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2