← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Qakbot Being Distributed in Korea Through Email Hijacking - ASEC BLOG
WHITE CyberHunter_NL 2023-04-13 Modified: 2023-04-13
23
IOCs
MEDIUM VOLUME
A security emergency response centre in South Korea has identified how Qakbot banking malware is being distributed through email hijacked emails, and how the malicious code is used to bypass antivirus software and bypass detection.
pdf attachmentpdf fileasecqakbotopen buttonzip filewsf fileqakbot binarygirnieahnlabscreen
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (10 / 23 total)
All FileHash-MD5 URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://milleniuninformatica.com.br/Le9/jGjSkvEqmXp 2023-04-13
URL https://alzheimersdigest.net/ZKpva/55C63K 2023-04-13
URL https://antoinettegabriel.com/YuUE/RQwyJWR2jjc 2023-04-13
URL https://choicefaz.com.br/w1W2/4gPNeUm0J 2023-04-13
URL https://farmfutures.in/tlUtBc/IYj0K1 2023-04-13
URL https://medano355condominio.com/Tt7l/OwZd8xdlWjil 2023-04-13
URL https://qassimnews.com/yweNej/kQBDu 2023-04-13
URL https://seicas.com/KvtM0/Uj3atvfT4E a8f82dc2fddb6cee308b183dd489537b2e14b820846fabff82b9376d499d775e 2023-04-13
URL https://stealingexcellence.com/rVR9r/yahxNk 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 2023-04-13
URL https://t-lows.com/ggAJ2m/kXpW59tm 2023-04-13
References (1)
↗ https://asec.ahnlab.com/en/51282/