qakbot | 1781baade35306801b764ca5c0e8c1e2bcf8323fe56ac469520ba9e29b13374a | Triage

Submit
Reports

Overview

overview

Static

static

3

780be7a70c...f3.dll

windows7-x64

780be7a70c...f3.dll

windows10-2004-x64

Sharing

General

Target

1781baade35306801b764ca5c0e8c1e2bcf8323fe56ac469520ba9e29b13374a
Size

256KB
Sample

240417-ql2fxahb89
MD5

016e017e5e565e5deed9e3272b2b0082
SHA1

9b2be52b034dccec08f1c61c33ae2cdae0ca5f1e
SHA256

1781baade35306801b764ca5c0e8c1e2bcf8323fe56ac469520ba9e29b13374a
SHA512

66d4c17a6d3b87c816e751fdcc4f632b605b4898da29d9f69a746ec7faf0fb157b992a143ee682a0361eb3e4cd02a85e81c3f5a79ccb9b4a5783561b34159ed8
SSDEEP

6144:NcarDPC9DNLMNwymXYzs0y3ITSl0M7yMo1dBOeQTjqhosDbt:NXrDPCHAIsFkITFM7uAe2jKt

Score

10^/10

qakbot tchk06 1702463600 banker stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

780be7a70ce3567ef268f6c768fc5a3d2510310c603bf481ebffd65e4fe95ff3.dll

Resource

win7-20240220-en

qakbot tchk06 1702463600 banker stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

780be7a70ce3567ef268f6c768fc5a3d2510310c603bf481ebffd65e4fe95ff3.dll

Resource

win10v2004-20240412-en

qakbot tchk06 1702463600 banker stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

qakbot

Botnet

tchk06

Campaign

1702463600

C2

45.138.74.191:443

65.108.218.24:443

Attributes

camp_date
2023-12-13 10:33:20 +0000 UTC

Targets

- Target
  
  780be7a70ce3567ef268f6c768fc5a3d2510310c603bf481ebffd65e4fe95ff3.exe
- Size
  
  459KB
- MD5
  
  0a29918110937641bbe4a2d5ee5e4272
- SHA1
  
  7d4a6976c1ece81e01d1f16ac5506266d5210734
- SHA256
  
  780be7a70ce3567ef268f6c768fc5a3d2510310c603bf481ebffd65e4fe95ff3
- SHA512
  
  998a6ee2fa6b345aeea72afaa91add8433e986a2678dbb8995ead786c30bdc00704c39c4857935b20669005b292736d50e1c6ad38901aa1f29db7b6a597fae3f
- SSDEEP
  
  6144:T4+8LGS5U/dvT6+adDaMuMeek1Wg3NkA+8hMzA1W9xCTSI:8fZ5U/dvPadDrNebWg3N+QMc16MOI
Score

10^/10

qakbot tchk06 1702463600 banker stealer trojan
- Detect Qakbot Payload
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

qakbottchk061702463600bankerstealertrojan

behavioral2

qakbottchk061702463600bankerstealertrojan

© 2018-2024

Terms | Privacy