qakbot | 61ccb6e9c0a7d7377fa64bf31114e55aa3e8232a84cc520ba60e7e65bb43bd31

General

Target

61ccb6e9c0a7d7377fa64bf31114e55aa3e8232a84cc520ba60e7e65bb43bd31
Size

454KB
Sample

240619-18tdxsyemk
MD5

4c73af70c1c54b55973adcfedc031342
SHA1

e50ca319857e5328bc3ba952796d097f614ea8ef
SHA256

61ccb6e9c0a7d7377fa64bf31114e55aa3e8232a84cc520ba60e7e65bb43bd31
SHA512

158c03b8f4a86bc9817d5f71d7bd6a088b6ecca488fea2c5656db9d089cd005eeaa47ce1d0569b3a2e16a00f27a93630bb8204fee2e19952cb7dc9b5d20b1ad1
SSDEEP

12288:2q1ppozb1b26o3MjKHtVtzsyRmJ0F2I1jnWlYLVFoNfO0:L1ppoVJo8atVJsyRmXIgYL/I20

Score

10^/10

qakbot aa 1648462264 banker stealer trojan

Malware Config

Extracted

Family

qakbot

Version

403.549

Botnet

AA

Campaign

1648462264

C2

75.113.214.234:2222

86.98.208.214:2222

41.84.229.218:995

190.73.3.148:2222

113.11.89.170:995

45.241.152.155:993

74.15.2.252:2222

76.70.9.169:2222

103.139.242.30:993

80.11.74.81:2222

105.186.127.127:995

81.60.217.44:995

79.129.121.68:995

75.99.168.194:443

5.95.58.211:2087

129.208.19.253:995

2.34.12.8:443

108.60.213.141:443

176.67.56.94:443

176.88.238.122:995

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  61ccb6e9c0a7d7377fa64bf31114e55aa3e8232a84cc520ba60e7e65bb43bd31
- Size
  
  454KB
- MD5
  
  4c73af70c1c54b55973adcfedc031342
- SHA1
  
  e50ca319857e5328bc3ba952796d097f614ea8ef
- SHA256
  
  61ccb6e9c0a7d7377fa64bf31114e55aa3e8232a84cc520ba60e7e65bb43bd31
- SHA512
  
  158c03b8f4a86bc9817d5f71d7bd6a088b6ecca488fea2c5656db9d089cd005eeaa47ce1d0569b3a2e16a00f27a93630bb8204fee2e19952cb7dc9b5d20b1ad1
- SSDEEP
  
  12288:2q1ppozb1b26o3MjKHtVtzsyRmJ0F2I1jnWlYLVFoNfO0:L1ppoVJo8atVJsyRmXIgYL/I20
Score

10^/10

qakbot aa 1648462264 banker stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2