Malware-Traffic-Analysis.net - 2021-05-18 (Tuesday) - Quick post: Qakbot (Qbot) infection with Cobalt Strike

2021-05-18 (TUESDAY) - QUICK POST: QAKBOT (QBOT) INFECTION WITH COBALT STRIKE

NOTICE:

The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.

ASSOCIATED FILES:

2021-05-18-Qakbot-infection-with-Cobalt-Strike.pcap.zip 21.2 MB (21,206,062 bytes)
2021-05-18-Qakbot-malware-and-artifacts.zip 433 kB (432,814 bytes)

NOTES:

Cobalt Strike activity on 82.117.252[.]32 at testsubnet[.]com

IMAGES

Shown above: Example of email pushing Qakbot.

Click here to return to the main page.