qakbot | a3eb42abc461cd5cc26bc87a8e7c93ec1eaa46b40c15a55b94b7c76b48cf0b0a

General

Target

a3eb42abc461cd5cc26bc87a8e7c93ec1eaa46b40c15a55b94b7c76b48cf0b0a
Size

1.1MB
Sample

240226-1q5dgagh95
MD5

cf300cd47a865824c2f8705aebae6eee
SHA1

a064a0ee077e465f14f435676ff794ecc80f08c6
SHA256

a3eb42abc461cd5cc26bc87a8e7c93ec1eaa46b40c15a55b94b7c76b48cf0b0a
SHA512

36f0f12637cedd0ca15ec37ac41cb1415dc190d67d94693c49178e751b1db7f79f0ca400ee6fd4d8d31296d8773958cf077d295232647c62512a14f80b322402
SSDEEP

24576:UmfEXFuca6UFUqybkX0YuSw7zMYQ0a4lFb2:UmMu6+UfYXXuSoWx+

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

obama181

Campaign

1651246804

C2

47.23.89.62:995

2.34.12.8:443

38.70.253.226:2222

47.23.89.62:993

75.99.168.194:443

41.228.22.180:443

140.82.49.12:443

148.64.96.100:443

108.60.213.141:443

2.50.4.57:443

187.208.137.144:443

187.207.47.198:61202

187.250.114.15:443

86.132.13.91:2078

149.135.101.20:443

67.209.195.198:443

187.172.170.129:443

190.252.242.69:443

174.69.215.101:443

75.99.168.194:61201

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  a3eb42abc461cd5cc26bc87a8e7c93ec1eaa46b40c15a55b94b7c76b48cf0b0a
- Size
  
  1.1MB
- MD5
  
  cf300cd47a865824c2f8705aebae6eee
- SHA1
  
  a064a0ee077e465f14f435676ff794ecc80f08c6
- SHA256
  
  a3eb42abc461cd5cc26bc87a8e7c93ec1eaa46b40c15a55b94b7c76b48cf0b0a
- SHA512
  
  36f0f12637cedd0ca15ec37ac41cb1415dc190d67d94693c49178e751b1db7f79f0ca400ee6fd4d8d31296d8773958cf077d295232647c62512a14f80b322402
- SSDEEP
  
  24576:UmfEXFuca6UFUqybkX0YuSw7zMYQ0a4lFb2:UmMu6+UfYXXuSoWx+
Score

10^/10

qakbot obama181 1651246804 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2