Qbot
· Published 21/12/2025 10:09 · Modified 21/12/2025 10:09
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 10:09
- Modified
- 21/12/2025 10:09
- Updated at
- 21/12/2025 10:09
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 10 attack patterns (mitre), 4 malware, 10 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
10 MITREs 6 Malwares 1 APT
Attack patterns (MITRE) (10)
-
T1547.001 usesRegistry Run Keys / Startup Folder MITRE
-
T1573.002 usesAsymmetric Cryptography MITRE
-
T1055 usesProcess Injection MITRE
-
T1140 usesDeobfuscate/Decode Files or Information MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1071.001 usesWeb Protocols MITRE
-
T1573.001 usesSymmetric Cryptography MITRE
-
T1112 usesModify Registry MITRE
-
T1082 usesSystem Information Discovery MITRE
-
T1012 usesQuery Registry MITRE
Malware (4)
-
QakBot usesFamily
-
BlackBasta usesFamily
-
Zloader usesFamily
-
QakBot - S0650 usesFamily
Indicators (10)
-
http://vector123.xyz/PixelSignal.dllindicates -
4a6869736864694932556873766f6339346b65696f6a6e376e7331396d30646findicates -
4b4398f64e574cfdb8de05d388d97ed255e888045f0316808311f51f63212efbindicates -
651e49a45b573bb39e21746cb99fcd5d17679e87e04201f4cc6ca10ff2d166e4indicates -
a197804c6ae915f59add068e862945b79916c92a508c0287a97db718e72280a3indicates -
22c5858ff8c7815c34b4386c3b4c83f2b8bb23502d153f5d8fb9f55bd784e764indicates -
4cad17ef867f03081eb690b1c16d7f4d5c937c3f20726af0442d7274413e3620indicates -
7215d9421e0a6d1a7cfde3f6d742670550fed009585ab35b53cbb845f63c5f74indicates -
98d38282563c1fd09444724eacf5283626aeef36bcb3efa9d7a667db7314d81findicates -
c8bddb338404a289ac3a9d6781d139314fab575eb0e6dd3f8e8c37410987e4deindicates