qakbot | d4f7a0b2f29812223444cbce4684c12891962616708bbcc7a684a0efa510bdb4 | Triage

Resubmissions

23-05-2024 04:24

240523-e1jzmadg77 10

23-05-2024 04:18

240523-ew76nadf2w 10

Sharing

General

Target

vegetated.dat
Size

354KB
Sample

240523-ew76nadf2w
MD5

95b1ae44716fb74b3ce589d7e1b53c3a
SHA1

d322925f126c486cd2b5112057e4dd3e9692b7be
SHA256

d4f7a0b2f29812223444cbce4684c12891962616708bbcc7a684a0efa510bdb4
SHA512

dcd2aa426895a12e0e0a40a8e034c4b72161b8c929efae1d296ca29307e906c4a8df309b6ddbc234f3f63e0ac288641a3214895646d9d5c98ac9e69f1c5dd3d2
SSDEEP

6144:ENsacLpop/C9lIbtBMHkqmO+pefWoAw6hjSy/AACs98K/f+ZuDXKK8bTcTCaULa4:gs/tMrbQHt+ps4w6RcA3/2oXmbTdaUe4

Score

10^/10

qakbot obama220 1667373670 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

obama220

Campaign

1667373670

C2

174.0.224.214:443

70.60.142.214:2222

136.232.184.134:995

67.87.214.7:443

174.104.184.149:443

64.207.237.118:443

144.202.15.58:443

74.33.84.227:443

175.205.2.54:443

174.77.209.5:443

45.49.137.80:443

74.92.243.113:995

76.68.34.167:2222

49.175.72.56:443

190.24.45.24:995

50.68.204.71:443

179.100.109.130:32101

70.64.77.115:443

109.151.171.116:2222

91.138.17.202:443

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  vegetated.dat
- Size
  
  354KB
- MD5
  
  95b1ae44716fb74b3ce589d7e1b53c3a
- SHA1
  
  d322925f126c486cd2b5112057e4dd3e9692b7be
- SHA256
  
  d4f7a0b2f29812223444cbce4684c12891962616708bbcc7a684a0efa510bdb4
- SHA512
  
  dcd2aa426895a12e0e0a40a8e034c4b72161b8c929efae1d296ca29307e906c4a8df309b6ddbc234f3f63e0ac288641a3214895646d9d5c98ac9e69f1c5dd3d2
- SSDEEP
  
  6144:ENsacLpop/C9lIbtBMHkqmO+pefWoAw6hjSy/AACs98K/f+ZuDXKK8bTcTCaULa4:gs/tMrbQHt+ps4w6RcA3/2oXmbTdaUe4
Score

10^/10

qakbot obama220 1667373670 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

qakbotobama2201667373670bankerstealertrojan