qakbot | a36ebfb2e229494919fffd76be0a199da415fe826f0ead7a5766d44cfd6ab579

General

Target

a36ebfb2e229494919fffd76be0a199da415fe826f0ead7a5766d44cfd6ab579
Size

515KB
Sample

240226-1m1wwagg95
MD5

ee91b04ce7d49a76c987c4aa4e269300
SHA1

9ebae6f3c883c8d8d7f6c8b6b886105d910f9c1a
SHA256

a36ebfb2e229494919fffd76be0a199da415fe826f0ead7a5766d44cfd6ab579
SHA512

a150d9d688a0f6a6c2c52e75b62fd2c4bdcd4f1e432b27b090bcd458272de4c6f73e5adbf50acbe82b21aa99593efdd92354d47a7c24515d115a4e35311c7303
SSDEEP

12288:2VLOLbYx29jcKY/1Yj70xFqSgzHkuyEFDOwK:Syy2K120/bgzEuyEFC

Score

10^/10

qakbot aa 1648020400 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.549

Botnet

AA

Campaign

1648020400

C2

120.150.218.241:995

79.52.204.9:50001

161.142.56.8:443

93.48.80.198:995

81.60.216.223:995

1.161.80.99:443

2.34.12.8:443

113.11.89.170:995

74.15.2.252:2222

209.180.70.25:443

86.98.208.214:2222

189.146.51.56:443

203.122.46.130:443

190.73.3.148:2222

197.167.50.74:993

76.70.9.169:2222

75.99.168.194:443

76.69.155.202:2222

176.88.238.122:995

89.137.52.44:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  a36ebfb2e229494919fffd76be0a199da415fe826f0ead7a5766d44cfd6ab579
- Size
  
  515KB
- MD5
  
  ee91b04ce7d49a76c987c4aa4e269300
- SHA1
  
  9ebae6f3c883c8d8d7f6c8b6b886105d910f9c1a
- SHA256
  
  a36ebfb2e229494919fffd76be0a199da415fe826f0ead7a5766d44cfd6ab579
- SHA512
  
  a150d9d688a0f6a6c2c52e75b62fd2c4bdcd4f1e432b27b090bcd458272de4c6f73e5adbf50acbe82b21aa99593efdd92354d47a7c24515d115a4e35311c7303
- SSDEEP
  
  12288:2VLOLbYx29jcKY/1Yj70xFqSgzHkuyEFDOwK:Syy2K120/bgzEuyEFC
Score

10^/10

qakbot aa 1648020400 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2