Trusted Design

Threat Spotlight: The Return of Qakbot Malware

概要

Qakbot has been around for years, but it’s nothing to be complacent about. This malware is well-known for its ability to steal credentials and quickly spread through an enterprise over network shares. Given its age, it might seem logical that security controls would have this threat on lockdown. However, the occasional functional enhancements combined with its multiple layers of obfuscation and server-side polymorphism periodically breathe new life into this seemingly immortal malware.

Created: 2026-02-23

Indicators

• URL - http://projects.montgomerytech.com/TeaLeafTarget.php -
• URL - http://n.abcwd0.seed.fastsecureservers.com/TeaLeafTarget.php -
• URL - http://a.new-date-world.com/viewtopic.php -
• URL - http://homemadebody.247affiliatemarketing.com/viewtopic.php -
• URL - http://css.kbaf.myzen.co.uk/TealeafTarget.php -
• FileHash-SHA256 - 67f3bd674647ca0d294a894b6702362b6cfc4b6c2e147643e100903a6b4d715a -
• URL - http://oe.zagorai3lan.com/viewtopic.php -
• URL - http://n.abcwd0.seed.fastsecureservers.com/TealeafTarget.php -
• FileHash-SHA256 - 8891524e468be1bd44723385c9238017090b536f922ccc007d8ac47c66802e3c -
• URL - http://projects.montgomerytech.com/TealeafTarget.php -
• URL - http://w.abcwd0.seed.fastsecureservers.com/viewtopic.php -
• FileHash-SHA256 - 7dbd0df279062090c34f796efc7dd239eccd46b99b67aac370d6048d5adbb9ec -
• URL - http://autoparts.perksautocare.com/viewtopic.php -

類似Pulses

• Qakbot - A capable banking trojan (score: 0.71)
• The Return of Qbot (score: 0.61)
• Pkybot: A new banking malware (score: 0.61)
• The return of Qbot (score: 0.60)
• Qqpass malware on Metadefender.com (score: 0.59)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る