skip to Main Content

Cybercrime, Quakbot goes through a fake Covid-19 themed email

Malware Hunter JAMESWT Technical Analysis

Quakbot goes through a fake Covid-19 themed email. The link in the message downloads a password protected zip file (provided in the text) with an MSI executable that installs the malware

Quakbot goes through a fake Covid-19 themed email.

The link in the message downloads a password protected zip file (provided in the text). Inside is an MSI executable that installs the malware. QuakBot (aka Qbot) is a modular cybercrime banking Trojan known for targeting companies. Goal: to steal money from their online bank accounts. It features worm functionality for automatic replication via shared drives and removable media. The code uses powerful info-stealer features to spy on users’ banking activity.

Malware C2

 

Back To Top