Qakbot levels up with new obfuscation techniques
Common Information
Type Value
UUID 4255db32-10c5-4199-8ba7-f7366087e6ac
Fingerprint 85a01da81d7f1fc9
Analysis status DONE
Considered CTI value 2
Text language
Published May 2, 2019, 11:04 a.m.
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 19, 2024, 3:59 p.m.
Headline Vulnerability Information
Title Qakbot levels up with new obfuscation techniques
Detected Hints/Tags/Attributes 40/2/120
Attributes
Details Type #Events CTI Value
Details Domain 904
snort.org
Details Domain 1
lg.prodigyprinting.com
Details Domain 1
hp.prodigyprinting.com
Details Domain 1
layering.wyattspaintbody.net
Details Domain 1
painting.duncan-plumbing.com
Details File 60
c:\windows\system32\schtasks.exe
Details File 2134
cmd.exe
Details File 5
c:\windows\system32\cscript.exe