Statements (50)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
credential theft
keylogging downloading additional malware spreading laterally in networks injecting malicious code into browsers |
| gptkbp:alsoKnownAs |
gptkb:Pinkslipbot
gptkb:QakBot |
| gptkbp:associatedWith |
gptkb:fraud
credential harvesting business email compromise |
| gptkbp:category |
trojan
botnet malware-as-a-service cybercrime tool |
| gptkbp:detects |
gptkb:security
endpoint protection platforms |
| gptkbp:discoveredBy |
2007
|
| gptkbp:exploits |
vulnerabilities in Microsoft Office macros
vulnerabilities in Windows OS |
| https://www.w3.org/2000/01/rdf-schema#label |
QBot
|
| gptkbp:infrastructureTakenDownBy |
gptkb:Europol
gptkb:FBI |
| gptkbp:infrastructureTakenDownDate |
August 2023
|
| gptkbp:notable_campaign |
Conti ransomware delivery
Emotet partnership TrickBot partnership Egregor ransomware delivery ProLock ransomware delivery |
| gptkbp:primaryUse |
malware
information stealer malware loader |
| gptkbp:remedy |
network isolation
antivirus removal tools system reimaging |
| gptkbp:spreadTo |
malicious email attachments
phishing campaigns malicious links |
| gptkbp:target |
gptkb:Windows_operating_systems
|
| gptkbp:usedBy |
cybercriminals
|
| gptkbp:usedFor |
data exfiltration
ransomware delivery spam distribution |
| gptkbp:uses |
command and control servers
encrypted communications modular architecture |
| gptkbp:writtenBy |
gptkb:C++
C |
| gptkbp:bfsParent |
gptkb:QakBot
|
| gptkbp:bfsLayer |
7
|