qakbot | cb9b2fc56d48aaa738f2811ebbd70cd703bababdf717fa4936c3f17752ffbdec

General

Target

84dfcb2f46ff6d54b13c1975b4d40c90_NeikiAnalytics.exe
Size

158KB
Sample

240531-3skg7aaa6v
MD5

84dfcb2f46ff6d54b13c1975b4d40c90
SHA1

711f28f1b4f2ecec49bf8334ef201863c27432d7
SHA256

cb9b2fc56d48aaa738f2811ebbd70cd703bababdf717fa4936c3f17752ffbdec
SHA512

befd235d2203d9f2e8b74be9eb375602ef3b1d238894bed3c02e462eed0eb80f3ad6391515f500208638c2c48bade7cfca48b6f5acd666423f747c440cbdce95
SSDEEP

3072:SgikbXp3BvScvqzzxVvAAWJ6AzxHTBfZl0O/yaJv:VTdRXvqXxh1WJJzxHTBRlf/

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

obama228

Campaign

1670998169

C2

78.101.91.215:2222

49.175.72.56:443

64.237.214.193:443

79.77.142.22:2222

173.18.126.3:443

23.242.141.218:2222

121.121.100.148:995

172.90.139.138:2222

172.248.42.122:443

94.63.65.146:443

98.145.23.67:443

12.172.173.82:990

91.68.227.219:443

12.172.173.82:993

75.99.125.236:2222

49.245.119.12:2222

74.66.134.24:443

173.239.94.212:443

91.169.12.198:32100

184.68.116.146:2222

Attributes

salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

- Target
  
  84dfcb2f46ff6d54b13c1975b4d40c90_NeikiAnalytics.exe
- Size
  
  158KB
- MD5
  
  84dfcb2f46ff6d54b13c1975b4d40c90
- SHA1
  
  711f28f1b4f2ecec49bf8334ef201863c27432d7
- SHA256
  
  cb9b2fc56d48aaa738f2811ebbd70cd703bababdf717fa4936c3f17752ffbdec
- SHA512
  
  befd235d2203d9f2e8b74be9eb375602ef3b1d238894bed3c02e462eed0eb80f3ad6391515f500208638c2c48bade7cfca48b6f5acd666423f747c440cbdce95
- SSDEEP
  
  3072:SgikbXp3BvScvqzzxVvAAWJ6AzxHTBfZl0O/yaJv:VTdRXvqXxh1WJJzxHTBRlf/
Score

10^/10

qakbot obama228 1670998169 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2