How a SOC team neutralized the QakBot banking trojan | Darktrace Blog
Tags
country: Singapore
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Models Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Network Devices - T1584.008 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002
Show in Graph
Common Information
Type Value
UUID 0add0b2b-85d7-45b9-a6f6-b3aaa50ba25f
Fingerprint e79109120943d7eb
Analysis status DONE
Considered CTI value 0
Text language
Published June 13, 2021, midnight
Added to db Aug. 13, 2023, 4:53 p.m.
Last updated Oct. 16, 2024, 2:03 a.m.
Headline How a SOC team neutralized the QakBot banking trojan
Title How a SOC team neutralized the QakBot banking trojan | Darktrace Blog
Detected Hints/Tags/Attributes 106/3/13
Source URLs
Redirection Url
Details Source https://darktrace.com/blog/how-a-soc-team-neutralized-the-qakbot-banking-trojan
URL Provider
Details Provider Source level domain
Details darktrace.com darktrace.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 101 https://de.darktrace.com/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 76 
ipfs.io
Details Domain 58 
image.thum.io
Details Domain 58 
logo.clearbit.com
Details Domain 58 
mku.ipfs.dweb.link
Details Domain 58 
filebase.com
Details File 58 
ob.html
Details File 58 
atob.html
Details File 58 
cpmk.htm
Details IPv4 2 
75.67.192.125
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoliqfurx6duzcshxvbp1znm21h5jxgs1ffnxtp?filename=at
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoli
Details Url 58 
https://filebase.com/blog/ipfs-content-addressing-explained
Details Url 58 
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-attack-of-the-chameleon-phishing-page