Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Financial Theft - T1657 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 5f316866-6d81-44ef-aa22-7b10fc9dbe3c |
| Fingerprint | e6690da10c8557ee |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 26, 2023, 1:15 p.m. |
| Added to db | May 2, 2023, 3:50 p.m. |
| Last updated | Sept. 4, 2024, 6:13 p.m. |
| Headline | Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs |
| Title | Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs |
| Detected Hints/Tags/Attributes | 42/2/51 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 365 | ✔ | — | https://www.rewterz.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | 2126892.bazeinfo.com |
|
| Details | Domain | 2 | rentfree.zip |
|
| Details | Domain | 1 | aiosubng.com |
|
| Details | Domain | 1 | artcaffe.co.ke |
|
| Details | Domain | 1 | barrehomes.co.ke |
|
| Details | Domain | 1 | content.ilaw.mn |
|
| Details | Domain | 1 | controlhomecr.com |
|
| Details | Domain | 1 | creativebugs.net |
|
| Details | Domain | 1 | customs247.co.uk |
|
| Details | Domain | 1 | exitoshop.co.zw |
|
| Details | Domain | 1 | geowellinteriors.co.ke |
|
| Details | File | 2 | rentfree.zip |
|
| Details | md5 | 1 | edee22a4c2b7297653f3fd8be641e9a9 |
|
| Details | md5 | 1 | e9e3c2918d2a5f9eb5e8a58d5fb34424 |
|
| Details | md5 | 1 | 38a118543fffda6f6e01a806495262f9 |
|
| Details | sha1 | 1 | e380008504fd9664d7dd656ff7aea40602b48927 |
|
| Details | sha1 | 1 | b636efbfd1a5f050edbc06e0a25c94d0b838f8ae |
|
| Details | sha1 | 1 | 0c79aee2586d9f85181b610e50513767aa84f924 |
|
| Details | sha256 | 1 | a8d1583036d7d1bed83f62cdd5e04afef021dc7eef8344b5cb76575fb561e73e |
|
| Details | sha256 | 1 | 582c5ed99c9221f7ebba3c957de07cb2aa647dfc73de03d4177d8aaf9f798e03 |
|
| Details | sha256 | 1 | 132d9ad078b612347323280dd34a98cb6589b7afe9cf0c6801b38d55cfa68e20 |
|
| Details | IPv4 | 1 | 96.56.197.26 |
|
| Details | IPv4 | 1 | 151.30.34.144 |
|
| Details | IPv4 | 1 | 217.165.239.223 |
|
| Details | IPv4 | 1 | 91.82.4.46 |
|
| Details | IPv4 | 1 | 151.213.66.34 |
|
| Details | IPv4 | 1 | 81.111.108.123 |
|
| Details | IPv4 | 1 | 88.171.156.150 |
|
| Details | IPv4 | 1 | 92.149.250.113 |
|
| Details | IPv4 | 2 | 92.189.214.236 |
|
| Details | IPv4 | 5 | 103.123.223.130 |
|
| Details | IPv4 | 1 | 67.10.2.240 |
|
| Details | IPv4 | 1 | 70.112.206.5 |
|
| Details | IPv4 | 2 | 86.225.214.138 |
|
| Details | IPv4 | 2 | 172.248.42.122 |
|
| Details | IPv4 | 2 | 147.219.4.194 |
|
| Details | IPv4 | 1 | 24.139.11.137 |
|
| Details | IPv4 | 6 | 74.92.243.115 |
|
| Details | IPv4 | 3 | 198.2.51.242 |
|
| Details | IPv4 | 3 | 75.98.154.19 |
|
| Details | IPv4 | 2 | 92.239.81.124 |
|
| Details | Url | 1 | http://2126892.bazeinfo.com/cache/rentfree.zip |
|
| Details | Url | 1 | http://aiosubng.com/cache/rentfree.zip |
|
| Details | Url | 1 | http://artcaffe.co.ke/cache/rentfree.zip |
|
| Details | Url | 1 | http://barrehomes.co.ke/cache/rentfree.zip |
|
| Details | Url | 1 | http://content.ilaw.mn/cache/rentfree.zip |
|
| Details | Url | 1 | http://controlhomecr.com/cache/rentfree.zip |
|
| Details | Url | 1 | http://creativebugs.net/cache/rentfree.zip |
|
| Details | Url | 1 | http://customs247.co.uk/cache/rentfree.zip |
|
| Details | Url | 1 | http://exitoshop.co.zw/cache/rentfree.zip |
|
| Details | Url | 1 | http://geowellinteriors.co.ke/cache/rentfree.zip |