Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:malware
|
| gptkbp:abilities |
creating botnets
credential theft web injection keylogging spreading laterally in networks installing ransomware |
| gptkbp:affectedArea |
global
|
| gptkbp:affectedIndustry |
gptkb:government
education financial services healthcare |
| gptkbp:alsoKnownAs |
gptkb:QBot
gptkb:QakBot QuakBot |
| gptkbp:commanded |
gptkb:peer-to-peer_network
encrypted communications |
| gptkbp:discoveredBy |
2007
|
| gptkbp:lawEnforcementActionDate |
August 2023
|
| gptkbp:lawEnforcementResponse |
Operation Duck Hunt
|
| gptkbp:notable_campaign |
Conti ransomware delivery
Emotet partnership TrickBot partnership Cobalt Strike delivery |
| gptkbp:notableEvent |
disrupted by law enforcement in 2023
|
| gptkbp:notableFeature |
gptkb:malware_loader
credential harvesting frequent updates modular architecture anti-analysis techniques email thread hijacking self-propagation |
| gptkbp:persistenceMechanism |
gptkb:Windows_registry
DLL injection scheduled tasks |
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:primaryUse |
delivering other malware
stealing banking credentials |
| gptkbp:removalDifficulty |
high
|
| gptkbp:uses |
phishing emails
malicious attachments malicious links |
| gptkbp:usesMalware |
gptkb:malware
|
| gptkbp:writtenBy |
gptkb:assembly_language
gptkb:C++ C |
| gptkbp:bfsParent |
gptkb:QakBot
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
Pinkslipbot
|