Overview

overview

10

Static

static

3

02.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02.dll

  • Size

    3.5MB

  • Sample

    240418-hh37bsfc3t

  • MD5

    4b7b85d70329e085ab06dcdf9557b0a0

  • SHA1

    3a277203cb4916eb1f55f867f0bd368476c613fb

  • SHA256

    49220571574da61781de37f35c66e8f0dadb18fdedb6d3a1be67485069cfd4b0

  • SHA512

    50087b509b58a50db0a67f2aea2838c2783fb2d1d6f5a22d3a68b31e0cdfa7b3b5d469df16af437a6396d3f8dc75fafd689f9af9ce72bfb0c541a3f37ef77f03

  • SSDEEP

    49152:Js0ewfW1oFguIXFkCEDeQi5LpAO85kDe8MS6pBAuowCSHeuOz8eoY3qtI:vfWzuEKCh91Bw8HFwCS+uXevq

Score
10/10
qakbottchk081710958492bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

tchk08

Campaign

1710958492

C2

77.105.162.176:995

31.210.173.10:443

5.252.177.195:443
Attributes
  • camp_date

    2024-03-20 18:14:52 +0000 UTC

Targets

    • Target

      02.dll

    • Size

      3.5MB

    • MD5

      4b7b85d70329e085ab06dcdf9557b0a0

    • SHA1

      3a277203cb4916eb1f55f867f0bd368476c613fb

    • SHA256

      49220571574da61781de37f35c66e8f0dadb18fdedb6d3a1be67485069cfd4b0

    • SHA512

      50087b509b58a50db0a67f2aea2838c2783fb2d1d6f5a22d3a68b31e0cdfa7b3b5d469df16af437a6396d3f8dc75fafd689f9af9ce72bfb0c541a3f37ef77f03

    • SSDEEP

      49152:Js0ewfW1oFguIXFkCEDeQi5LpAO85kDe8MS6pBAuowCSHeuOz8eoY3qtI:vfWzuEKCh91Bw8HFwCS+uXevq

    Score
    10/10
    qakbottchk081710958492bankerstealertrojan

    • Detect Qakbot Payload

    • Qakbot/Qbot

      Qbot or Qakbot is a sophisticated worm with banking capabilities.

      trojanbankerstealerqakbot
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks