Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Renato Marinho
Threat Level:
green
Date
Author
Title
2023-06-22
Brad Duncan
Qakbot (Qbot) activity, obama271 distribution tag
2023-02-28
Brad Duncan
BB17 distribution Qakbot (Qbot) activity
2022-12-02
Brad Duncan
obama224 distribution Qakbot tries .vhd (virtual hard disk) images
2022-11-02
Brad Duncan
Who put the "Dark" in DarkVNC?
2022-06-30
Brad Duncan
Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended
2022-06-09
Brad Duncan
TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
2022-04-20
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-03-25
Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
2022-03-16
Brad Duncan
Qakbot infection with Cobalt Strike and VNC activity
2021-11-04
Brad Duncan
October 2021 Forensic Contest: Answers and Analysis
2021-09-23
Xavier Mertens
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2021-03-03
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-23
Jan Kopriva
Qakbot in a response to Full Disclosure post
2021-01-26
Brad Duncan
TA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20
Brad Duncan
Qakbot activity resumes after holiday break
2020-12-09
Brad Duncan
Recent Qakbot (Qbot) activity
2020-11-03
Brad Duncan
Emotet -> Qakbot -> more Emotet
2020-08-19
Xavier Mertens
Example of Word Document Delivering Qakbot
2020-04-01
Brad Duncan
Qakbot malspam sent from an infected Windows host
2019-03-13
Brad Duncan
Malspam pushes Emotet with Qakbot as the follow-up malware
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Follow the Internet Storm Center on
Twitter