QBot
Blog articles filed under "QBot".
• AKA Pinkslipbot
• Discovered in 2008 and under constant development, with gaps in operational use in the wild; operators are occasionally known as GOLD LAGOON
• Banking Trojan; steals financial data, browser information/hooks, keystrokes, and credentials; described by Check Point as a “Swiss Army knife”
• Known to leverage many other tools; for example, PowerShell and Mimikatz are used for self-propagation
• Attempts to obfuscate its activity by injecting into legitimate processes
• Known to serve as a dropper for ProLock ransomware
• Uses common infection vectors, most frequently malspam