qakbot | 6ad81b1b02c0b6a7a45d793397d5be8b5c1bebb0cfa80d737fa2ac5d79d50d7f

General

Target

qakbot.dll-disk
Size

178KB
Sample

240917-yssrcascpn
MD5

ef35f34c69e5cfbfb72cc5260f02a1e3
SHA1

7ede03c660c5c39a706ac0c2cc8a3ffb20dd3356
SHA256

6ad81b1b02c0b6a7a45d793397d5be8b5c1bebb0cfa80d737fa2ac5d79d50d7f
SHA512

fe8497134e21f068507d360daab443f43930634d7111ac69f029b621e85d5c62fe697d79f02c33c5ff1aa576d809793fb04f2e14712a7303514726d9e6235b48
SSDEEP

3072:naJXr+BqdIfsLi86zSpMV9nJH36QBnoxFnOTBfu0kTgxokao:nwXrXi88NNoxFnOTBW04g6kao

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

325.59

Botnet

abc026

Campaign

1604404702

C2

96.243.35.201:443

46.53.16.93:443

217.165.2.92:995

37.106.7.143:443

67.6.55.77:443

89.136.39.108:443

2.50.58.76:443

188.25.158.61:443

45.63.107.192:995

45.32.154.10:443

94.52.160.116:443

45.63.107.192:2222

45.63.107.192:443

72.204.242.138:465

84.117.176.32:443

95.77.223.148:443

47.146.39.147:443

41.225.13.128:8443

80.14.209.42:2222

190.220.8.10:995

Targets

- Target
  
  qakbot.dll-disk
- Size
  
  178KB
- MD5
  
  ef35f34c69e5cfbfb72cc5260f02a1e3
- SHA1
  
  7ede03c660c5c39a706ac0c2cc8a3ffb20dd3356
- SHA256
  
  6ad81b1b02c0b6a7a45d793397d5be8b5c1bebb0cfa80d737fa2ac5d79d50d7f
- SHA512
  
  fe8497134e21f068507d360daab443f43930634d7111ac69f029b621e85d5c62fe697d79f02c33c5ff1aa576d809793fb04f2e14712a7303514726d9e6235b48
- SSDEEP
  
  3072:naJXr+BqdIfsLi86zSpMV9nJH36QBnoxFnOTBfu0kTgxokao:nwXrXi88NNoxFnOTBW04g6kao
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2