qakbot | 917de900fa94c6702d1b63f7b095fab5dcd46217b9bb424fe9951706a7f89141

General

Target

Chapter 8.zip
Size

312KB
Sample

241021-ytc3aavgrn
MD5

261784a427e94612e38c146938153f75
SHA1

8c015378d0b4febaa06dff81b319a7691947938f
SHA256

917de900fa94c6702d1b63f7b095fab5dcd46217b9bb424fe9951706a7f89141
SHA512

ba1fdf889ac8f4c38efaeb02f5535d490d9d09b10ab95845a5236b6ca96f6188fce4f38f4d9f7b29d43a8a4b9c29b1e3bf4cbb5d675323b263b2671e75eadb9e
SSDEEP

6144:6e/qI9gZwZUAJb94nOluKxFew580UEcqckg7qtjRpyn1ALrIx4m0M1o:66P9gi9GOluKLJ8acROtjRpggYP0MC

Score

10^/10

Malware Config

Extracted

Family

qakbot

Version

324.142

Botnet

spx133

Campaign

1591267427

C2

49.144.84.21:443

189.159.133.162:995

173.245.152.231:443

77.237.181.212:995

207.255.161.8:2078

76.187.8.160:443

207.255.161.8:2087

98.219.77.197:443

66.222.88.126:995

207.255.161.8:32102

108.58.9.238:995

47.152.210.233:443

1.40.42.4:443

188.27.71.163:443

82.127.193.151:2222

104.50.141.139:995

67.83.54.76:2222

86.126.97.183:2222

73.94.229.115:443

47.35.182.97:443

Targets

- Target
  
  Chapter 8/sample_packed.exe
- Size
  
  325KB
- MD5
  
  e1205ef15da2dbecb57b40ce43abe0f8
- SHA1
  
  8525f7a7218923302f97f4eb3865a1e20c271521
- SHA256
  
  a5f9efbd8eb8dbadaead5328b9e1f3ace32e1b92f2772048cac6d455b8810d4c
- SHA512
  
  d963263077611a27a663a97853cba3bb1031f4ba051129f08b2bb702b1a4e7b5e9e701cf08032b0c5d4fe4247bc18978b159e8d4900d3f3c0f392eb80d4551eb
- SSDEEP
  
  6144:dTCOvUUJjejrtFq4Z05fwJome46ujzFUWrCdgO//k5yKKYwoZx:BCOvwhqfwampzFvCdgO3ZIwoZ
Score

10^/10

qakbot spx133 1591267427 banker discovery stealer trojan
- Qakbot/Qbot
  Qbot or Qakbot is a sophisticated worm with banking capabilities.
  trojan banker stealer qakbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Qakbot/Qbot

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2