qakbot | f4f8a14f76055dbe55422ba8754582ed8abf139b7ed33630fa656cb7e879bc7d

General

Target

NewInformation.lc
Size

645KB
Sample

240421-jnyz8seg8w
MD5

dc01f89f042f88c520f6c93f27ad296d
SHA1

b64304ba5bdd378b6155135b3e3847aa9a04cb34
SHA256

f4f8a14f76055dbe55422ba8754582ed8abf139b7ed33630fa656cb7e879bc7d
SHA512

412ff1ca8fde1ccddebf1f91b06cedf6e50a990a662a5b5ec92f8a5815b1a807ef571faeb836ae724813060d6e7f34bbf2a60bc30ec74606abbdccc70231286f
SSDEEP

12288:zYokNyxh/QFYZLlW0qSQ8qVC6od45xk2SCWise:EdEvoFkRkS/qI6odz2vWi

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.30

Botnet

azd

Campaign

1670515354

C2

136.35.241.159:443

73.36.196.11:443

12.172.173.82:50001

190.24.45.24:995

193.253.100.236:2222

109.11.175.42:2222

92.8.190.211:2222

50.90.249.161:443

66.180.226.117:2222

201.208.139.250:2222

12.172.173.82:22

75.98.154.19:443

24.142.218.202:443

70.77.116.233:443

90.4.193.117:2222

24.69.87.61:443

98.147.155.235:443

83.213.192.136:443

176.133.4.230:995

71.31.101.183:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  NewInformation.lc
- Size
  
  645KB
- MD5
  
  dc01f89f042f88c520f6c93f27ad296d
- SHA1
  
  b64304ba5bdd378b6155135b3e3847aa9a04cb34
- SHA256
  
  f4f8a14f76055dbe55422ba8754582ed8abf139b7ed33630fa656cb7e879bc7d
- SHA512
  
  412ff1ca8fde1ccddebf1f91b06cedf6e50a990a662a5b5ec92f8a5815b1a807ef571faeb836ae724813060d6e7f34bbf2a60bc30ec74606abbdccc70231286f
- SSDEEP
  
  12288:zYokNyxh/QFYZLlW0qSQ8qVC6od45xk2SCWise:EdEvoFkRkS/qI6odz2vWi
Score

10^/10

qakbot azd 1670515354 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2