qakbot | a27df79ba5f04d6a09189e6d01c301e6ddbf082c67c2853ec2f4bbfdf2b51a56

General

Target

a27df79ba5f04d6a09189e6d01c301e6ddbf082c67c2853ec2f4bbfdf2b51a56
Size

1.5MB
Sample

240226-1fe1tsge92
MD5

e1dbda07124bece1d5d847715c28afbc
SHA1

95bb7058f29ddcec37aaaa0e3348e30361e86d38
SHA256

a27df79ba5f04d6a09189e6d01c301e6ddbf082c67c2853ec2f4bbfdf2b51a56
SHA512

c07332e92435dc83b4aa8368f041d873f22e7977658027a8085da7bf96d47352b1e11ff6cca52517790da08493e21f43d8b8f2314a6f775ad3555b2faf01b3ee
SSDEEP

24576:c/LFmDoE1Zjaqi/3ymfSBjDHubkX0YuSw7zMYQ0a4lFbp:cjivD9EimfEuYXXuSoWx+

Score

10^/10

qakbot aa 1651135890 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

AA

Campaign

1651135890

C2

149.135.101.20:443

103.139.243.207:990

1.161.104.149:995

185.249.85.175:443

113.89.5.252:995

202.134.152.2:2222

41.107.132.203:443

191.250.245.193:443

117.248.109.38:21

86.195.158.178:2222

71.13.93.154:2222

45.9.20.200:443

103.87.95.133:2222

173.174.216.62:443

187.58.79.229:993

203.122.46.130:443

32.221.224.140:995

175.145.235.37:443

81.155.87.247:2078

140.82.63.183:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  a27df79ba5f04d6a09189e6d01c301e6ddbf082c67c2853ec2f4bbfdf2b51a56
- Size
  
  1.5MB
- MD5
  
  e1dbda07124bece1d5d847715c28afbc
- SHA1
  
  95bb7058f29ddcec37aaaa0e3348e30361e86d38
- SHA256
  
  a27df79ba5f04d6a09189e6d01c301e6ddbf082c67c2853ec2f4bbfdf2b51a56
- SHA512
  
  c07332e92435dc83b4aa8368f041d873f22e7977658027a8085da7bf96d47352b1e11ff6cca52517790da08493e21f43d8b8f2314a6f775ad3555b2faf01b3ee
- SSDEEP
  
  24576:c/LFmDoE1Zjaqi/3ymfSBjDHubkX0YuSw7zMYQ0a4lFbp:cjivD9EimfEuYXXuSoWx+
Score

10^/10

qakbot aa 1651135890 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2