qakbot | 67127f9d94810aaab88190eaad9328948186a531009b2b9e98470236c624ae81

General

Target

a32054753565349777d62ad999e0b770N
Size

1.0MB
Sample

240826-d9y98sshka
MD5

a32054753565349777d62ad999e0b770
SHA1

f3c8622c488b37c89ee0f6daa844fbe23c8fd5da
SHA256

67127f9d94810aaab88190eaad9328948186a531009b2b9e98470236c624ae81
SHA512

5e8b9d4823152b922093743a7311eed12110b290132c3ba648fe3ea3886291d5f01a2c47dd7599996737b0a2147dea12cd3065461a54097c81ff74cf107bc5ba
SSDEEP

24576:A9Aa+GoDK4lxB0D+eS9YUE89guJp7aYpsI4LyI5WeHocqi8ORED:A9t4lxB05TOkmI5WeHdq

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

402.68

Botnet

biden51

Campaign

1622188821

C2

75.67.192.125:443

96.61.23.88:995

140.82.49.12:443

188.26.91.212:443

144.139.47.206:443

24.152.219.253:995

95.77.223.148:443

92.59.35.196:2222

68.186.192.69:443

207.246.116.237:995

45.77.117.108:2222

207.246.77.75:8443

207.246.77.75:443

144.202.38.185:443

144.202.38.185:995

207.246.77.75:2222

45.77.117.108:995

149.28.98.196:995

45.77.115.208:995

45.77.115.208:8443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  a32054753565349777d62ad999e0b770N
- Size
  
  1.0MB
- MD5
  
  a32054753565349777d62ad999e0b770
- SHA1
  
  f3c8622c488b37c89ee0f6daa844fbe23c8fd5da
- SHA256
  
  67127f9d94810aaab88190eaad9328948186a531009b2b9e98470236c624ae81
- SHA512
  
  5e8b9d4823152b922093743a7311eed12110b290132c3ba648fe3ea3886291d5f01a2c47dd7599996737b0a2147dea12cd3065461a54097c81ff74cf107bc5ba
- SSDEEP
  
  24576:A9Aa+GoDK4lxB0D+eS9YUE89guJp7aYpsI4LyI5WeHocqi8ORED:A9t4lxB05TOkmI5WeHdq
Score

10^/10

qakbot biden51 1622188821 banker discovery stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2