qakbot | e664668a7db312abaf8ecbde5fb0320d062310aec0513941a41a937eb1f2e834

General

Target

e664668a7db312abaf8ecbde5fb0320d062310aec0513941a41a937eb1f2e834N
Size

1.3MB
Sample

240918-c2y4tsydrr
MD5

3b4d7bb0a956583b564bdfc55f449660
SHA1

3c6c0831c0090eb003b0a804a0a08f6b17895eec
SHA256

e664668a7db312abaf8ecbde5fb0320d062310aec0513941a41a937eb1f2e834
SHA512

7669fb5db3c968921def9d91bc27d3323b89aeded3a68530befd698a026a4d028404bb5b4fce61955119aa4d5e25779b9afc4429392f88825a98db38910bf4dc
SSDEEP

12288:efv5C7QAlKsVF3BPwOuuV5NTaDARqHTX8eFpeFpeFpeFpeFpeFZRVzG7Dn/:eHs7ppFFy4+2SfFkFkFkFkFkFNE/

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

402.1

Botnet

biden28

Campaign

1618320494

C2

24.226.156.153:443

24.43.22.221:993

216.201.162.158:443

76.25.142.196:443

149.28.99.97:995

149.28.101.90:2222

207.246.116.237:8443

149.28.99.97:443

45.63.107.192:2222

45.32.211.207:2222

149.28.101.90:443

45.77.117.108:995

207.246.77.75:443

207.246.77.75:8443

149.28.98.196:2222

45.32.211.207:995

45.32.211.207:443

45.32.211.207:8443

149.28.98.196:995

149.28.98.196:443

Attributes

salt
jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

- Target
  
  e664668a7db312abaf8ecbde5fb0320d062310aec0513941a41a937eb1f2e834N
- Size
  
  1.3MB
- MD5
  
  3b4d7bb0a956583b564bdfc55f449660
- SHA1
  
  3c6c0831c0090eb003b0a804a0a08f6b17895eec
- SHA256
  
  e664668a7db312abaf8ecbde5fb0320d062310aec0513941a41a937eb1f2e834
- SHA512
  
  7669fb5db3c968921def9d91bc27d3323b89aeded3a68530befd698a026a4d028404bb5b4fce61955119aa4d5e25779b9afc4429392f88825a98db38910bf4dc
- SSDEEP
  
  12288:efv5C7QAlKsVF3BPwOuuV5NTaDARqHTX8eFpeFpeFpeFpeFpeFZRVzG7Dn/:eHs7ppFFy4+2SfFkFkFkFkFkFNE/
Score

10^/10

qakbot biden28 1618320494 banker discovery stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2