Insights Into an Excel 4.0 Macro Attack using Qakbot Malware
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c10079e1-c2a7-4aa1-923f-a313a185f0b2 |
| Fingerprint | 4678d09bd752f0b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 15, 2021, 9:51 a.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | Insights Into an Excel 4.0 Macro Attack using Qakbot Malware |
| Title | Insights Into an Excel 4.0 Macro Attack using Qakbot Malware |
| Detected Hints/Tags/Attributes | 28/2/106 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | microlinsmmn.carajasnutricaoanimal.com.br |
|
| Details | Domain | 1 | dan.zip |
|
| Details | Domain | 14 | documents.zip |
|
| Details | Domain | 1 | luno-offer-rewards.greekspeek.com |
|
| Details | Domain | 1 | forum.ennov8.com.ng |
|
| Details | Domain | 1 | rrestetica.com |
|
| Details | Domain | 1 | shopifytest.recyclemymachine.com |
|
| Details | Domain | 1 | backend.southernbellatl.co |
|
| Details | Domain | 1 | appsolzone.com |
|
| Details | Domain | 1 | ulumequran.com |
|
| Details | Domain | 1 | orgaproducts.com |
|
| Details | Domain | 1 | stage1.artisanenterprisellc.com |
|
| Details | Domain | 1 | portal2.aladhwa-sch.com |
|
| Details | Domain | 1 | covid19.iqwasithealth.com |
|
| Details | Domain | 1 | catalogue.queensbridgenigeria.com |
|
| Details | Domain | 1 | pavanalakecamping.com |
|
| Details | Domain | 1 | bengheng-engrg.com |
|
| Details | Domain | 1 | seremanis.com |
|
| Details | Domain | 1 | inmobaperu.com |
|
| Details | Domain | 1 | ayurskinclinic.com |
|
| Details | Domain | 1 | controlling2014.erp-corp.com |
|
| Details | Domain | 1 | najihojeily.com |
|
| Details | Domain | 1 | radiocakrabandung.com |
|
| Details | Domain | 1 | offlinesharks.com |
|
| Details | Domain | 1 | connectavet.com |
|
| Details | Domain | 1 | infotrekkingnepal.com |
|
| Details | Domain | 1 | lookatmemarketing.com |
|
| Details | Domain | 1 | calvano.com |
|
| Details | Domain | 1 | allyoulovetrading.com |
|
| Details | Domain | 1 | viewmediads.com |
|
| Details | Domain | 1 | integrityadvisory.in |
|
| Details | Domain | 1 | enaruci.qwerty.ba |
|
| Details | Domain | 1 | slsviews.magicways.in |
|
| Details | Domain | 1 | leonandsigourney.com |
|
| Details | Domain | 1 | marketbling.com |
|
| Details | Domain | 1 | cac-itc.com |
|
| Details | Domain | 1 | germiterra.com |
|
| Details | Domain | 1 | tracking-centre-redelivery.idealnepaltours.com |
|
| Details | Domain | 1 | dharamdiwan.in |
|
| Details | Domain | 1 | lenoirramosjr.com |
|
| Details | Domain | 1 | dev.favterest.com |
|
| Details | Domain | 1 | ethioshare.com |
|
| Details | Domain | 3 | nws.visionconsulting.ro |
|
| Details | Domain | 2 | royalpalm.sparkblue.lk |
|
| Details | Domain | 1 | arpanetwifi.com |
|
| Details | Domain | 1 | victoriaholidays.co.in |
|
| Details | File | 1 | dan.zip |
|
| Details | File | 12 | documents.zip |
|
| Details | File | 1260 | explorer.exe |
|
| Details | sha256 | 1 | e6c043cd93e28feb16362ebb329f26f5c323f5c2389ad1bcec55fe033533dbf0 |
|
| Details | sha256 | 1 | dbdccafd2ef3a6eeb6b11c684698df279ba843e5a23fae8d92dd2317cc6db3ee |
|
| Details | sha256 | 1 | c2535e800d505cb51e9c3e161e958162ede306a15d30f9316a31e16159187ac3 |
|
| Details | sha256 | 1 | c110315c3b81bb6027c78dff280e5f1b2d3cd8a8dcf2ce0724941a8a40abf1ad |
|
| Details | IPv4 | 1 | 24.95.61.62 |
|
| Details | IPv4 | 5 | 24.229.150.54 |
|
| Details | IPv4 | 2 | 45.77.117.108 |
|
| Details | IPv4 | 1 | 76.94.200.148 |
|
| Details | IPv4 | 1 | 106.250.150.98 |
|
| Details | IPv4 | 1 | 184.185.103.157 |
|
| Details | IPv4 | 1 | 187.250.238.164 |
|
| Details | IPv4 | 1 | 195.6.1.154 |
|
| Details | Url | 1 | http://microlinsmmn.carajasnutricaoanimal.com.br/mr--simeon-labadie/dan.zip |
|
| Details | Url | 1 | http://microlinsmmn.carajasnutricaoanimal.com.br/mr–simeon-labadie/documents.zip |
|
| Details | Url | 1 | http://luno-offer-rewards.greekspeek.com/minerva-heathcote/documents.zip |
|
| Details | Url | 1 | http://forum.ennov8.com.ng/mr–torrey-satterfield/documents.zip |
|
| Details | Url | 1 | http://rrestetica.com/ffjwg/documents.zip |
|
| Details | Url | 1 | http://shopifytest.recyclemymachine.com/mrs–hermina-welch-phd/documents.zip |
|
| Details | Url | 1 | http://backend.southernbellatl.co/prof–flossie-kuhn-jr-/documents.zip |
|
| Details | Url | 1 | http://appsolzone.com/chadrick-marvin/documents.zip |
|
| Details | Url | 1 | http://ulumequran.com/kasey-botsford/documents.zip |
|
| Details | Url | 1 | http://orgaproducts.com/deontae-mayer/documents.zip |
|
| Details | Url | 1 | http://stage1.artisanenterprisellc.com/dr–era-skiles/documents.zip |
|
| Details | Url | 1 | http://portal2.aladhwa-sch.com/nestor-dare/documents.zip |
|
| Details | Url | 1 | http://covid19.iqwasithealth.com/jillian-ratke-iii/documents.zip |
|
| Details | Url | 1 | http://catalogue.queensbridgenigeria.com/prof–leland-jaskolski-i/documents.zip |
|
| Details | Url | 1 | http://pavanalakecamping.com/mrs–jessika-sporer/documents.zip |
|
| Details | Url | 1 | http://bengheng-engrg.com/carmelo-metz-iii/documents.zip |
|
| Details | Url | 1 | http://seremanis.com/gregg-beier/documents.zip |
|
| Details | Url | 1 | http://inmobaperu.com/letitia-wintheiser/documents.zip |
|
| Details | Url | 1 | http://ayurskinclinic.com/elroy-emard/documents.zip |
|
| Details | Url | 1 | http://controlling2014.erp-corp.com/arvid-abbott/documents.zip |
|
| Details | Url | 1 | http://najihojeily.com/mr–kale-ebert-i/documents.zip |
|
| Details | Url | 1 | http://radiocakrabandung.com/prof–tremaine-gerlach-v/documents.zip |
|
| Details | Url | 1 | http://offlinesharks.com/prof–clark-hessel-md/documents.zip |
|
| Details | Url | 1 | http://connectavet.com/efren-crooks-iii/documents.zip |
|
| Details | Url | 1 | http://infotrekkingnepal.com/dr–dahlia-wisoky-phd/documents.zip |
|
| Details | Url | 1 | http://lookatmemarketing.com/evzbd/documents.zip |
|
| Details | Url | 1 | http://calvano.com/prof–emil-rolfson/documents.zip |
|
| Details | Url | 1 | http://allyoulovetrading.com/emmanuelle-zemlak/documents.zip |
|
| Details | Url | 1 | http://viewmediads.com/dr–lucie-little/documents.zip |
|
| Details | Url | 1 | http://integrityadvisory.in/dedrick-osinski/documents.zip |
|
| Details | Url | 1 | http://enaruci.qwerty.ba/prof–dan-denesik-iii/documents.zip |
|
| Details | Url | 1 | http://slsviews.magicways.in/mrs–margie-morissette/documents.zip |
|
| Details | Url | 1 | http://leonandsigourney.com/phoebe-wisozk/documents.zip |
|
| Details | Url | 1 | http://marketbling.com/daphne-hamill-phd/documents.zip |
|
| Details | Url | 1 | http://cac-itc.com/lola-wehner/documents.zip |
|
| Details | Url | 1 | http://germiterra.com/hanna-kuphal/documents.zip |
|
| Details | Url | 1 | http://tracking-centre-redelivery.idealnepaltours.com/lelia-jones-i/documents.zip |
|
| Details | Url | 1 | https://dharamdiwan.in/njipkucz/ork.html |
|
| Details | Url | 1 | https://lenoirramosjr.com/7r9jyflo/ork.html |
|
| Details | Url | 1 | https://dev.favterest.com/vbpfhu4udmdt/filter.html |
|
| Details | Url | 1 | https://ethioshare.com/q22ugzzm3pv7/filter.html |
|
| Details | Url | 2 | https://nws.visionconsulting.ro/n1g1kcxa/dot.html |
|
| Details | Url | 2 | https://royalpalm.sparkblue.lk/vcnhyrq3yg8/dot.html |
|
| Details | Url | 1 | https://arpanetwifi.com/6pjhscezzv/lora.html |
|
| Details | Url | 1 | https://victoriaholidays.co.in/jro9rjmm/lora.html |