qakbot | 06d55f75d7c76d6924c0b8439fa3cda28b89284204a6db982e4baf3a37fb35d2

General

Target

dd119e4cab8169c27e5bb65f306ed792
Size

676KB
Sample

231220-s8b6msbfdk
MD5

dd119e4cab8169c27e5bb65f306ed792
SHA1

a93b6b76b8427caa20f2c041fbf50ba27d2b6aac
SHA256

06d55f75d7c76d6924c0b8439fa3cda28b89284204a6db982e4baf3a37fb35d2
SHA512

74f86cab700fe211152ce8b74166156c4feebc71c9f5907fafafca531b2f47af7e9d4d52409411e488e6dd4109e4823b915ff7129d7b2f9a416dde765a3a18cb
SSDEEP

12288:4tLXMCbQtfmiGkbe0WvbojNSxfjUmBrCy0+WuQBYOI+vxprp2:sXPQtfmiF8TUArCy0+WusxJp

Score

10^/10

qakbot tr 1633597626 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

tr

Campaign

1633597626

C2

120.150.218.241:995

185.250.148.74:443

89.137.52.44:443

66.103.170.104:2222

86.8.177.143:443

216.201.162.158:443

174.54.193.186:443

103.148.120.144:443

188.50.169.158:443

124.123.42.115:2222

140.82.49.12:443

199.27.127.129:443

81.241.252.59:2078

209.142.97.161:995

209.50.20.255:443

73.230.205.91:443

200.232.214.222:995

103.142.10.177:443

2.222.167.138:443

41.228.22.180:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  dd119e4cab8169c27e5bb65f306ed792
- Size
  
  676KB
- MD5
  
  dd119e4cab8169c27e5bb65f306ed792
- SHA1
  
  a93b6b76b8427caa20f2c041fbf50ba27d2b6aac
- SHA256
  
  06d55f75d7c76d6924c0b8439fa3cda28b89284204a6db982e4baf3a37fb35d2
- SHA512
  
  74f86cab700fe211152ce8b74166156c4feebc71c9f5907fafafca531b2f47af7e9d4d52409411e488e6dd4109e4823b915ff7129d7b2f9a416dde765a3a18cb
- SSDEEP
  
  12288:4tLXMCbQtfmiGkbe0WvbojNSxfjUmBrCy0+WuQBYOI+vxprp2:sXPQtfmiF8TUArCy0+WusxJp
Score

10^/10

qakbot tr 1633597626 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

1

T1053

Persistence

Scheduled Task/Job

1

T1053

Privilege Escalation

Scheduled Task/Job

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2