← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Qakbot Being Distributed in Korea Through Email Hijacking - ASEC BLOG
WHITE CyberHunter_NL 2023-04-13 Modified: 2023-04-13
23
IOCs
MEDIUM VOLUME
A security emergency response centre in South Korea has identified how Qakbot banking malware is being distributed through email hijacked emails, and how the malicious code is used to bypass antivirus software and bypass detection.
pdf attachmentpdf fileasecqakbotopen buttonzip filewsf fileqakbot binarygirnieahnlabscreen
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (23)
All FileHash-MD5 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 19c1526182fe5ed0f1abfafc98d84df9 2023-04-13
FileHash-MD5 b57532c33d7fead3105e9312cb544e11 2023-04-13
FileHash-MD5 c9ab1cd04e796fd7f084a1dd2d40cc2d 2023-04-13
URL http://milleniuninformatica.com.br/Le9/jGjSkvEqmXp 2023-04-13
URL https://alzheimersdigest.net/ZKpva/55C63K 2023-04-13
URL https://antoinettegabriel.com/YuUE/RQwyJWR2jjc 2023-04-13
URL https://choicefaz.com.br/w1W2/4gPNeUm0J 2023-04-13
URL https://farmfutures.in/tlUtBc/IYj0K1 2023-04-13
URL https://medano355condominio.com/Tt7l/OwZd8xdlWjil 2023-04-13
URL https://qassimnews.com/yweNej/kQBDu 2023-04-13
URL https://seicas.com/KvtM0/Uj3atvfT4E a8f82dc2fddb6cee308b183dd489537b2e14b820846fabff82b9376d499d775e 2023-04-13
URL https://stealingexcellence.com/rVR9r/yahxNk 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 2023-04-13
URL https://t-lows.com/ggAJ2m/kXpW59tm 2023-04-13
domain alzheimersdigest.net 2023-04-13
domain antoinettegabriel.com 2023-04-13
domain choicefaz.com.br 2023-04-13
domain farmfutures.in 2023-04-13
domain medano355condominio.com 2023-04-13
domain milleniuninformatica.com.br 2023-04-13
domain qassimnews.com 2023-04-13
domain seicas.com 2023-04-13
domain stealingexcellence.com 2023-04-13
domain t-lows.com 2023-04-13
References (1)
↗ https://asec.ahnlab.com/en/51282/