Skip to content

Hide Navigation Hide TOC

QakBot (9050b418-5ffd-481a-a30d-f9059b0871ea)

QakBot is a modular banking trojan that has been used primarily by financially-motivated actors since at least 2007. QakBot is continuously maintained and developed and has evolved from an information stealer into a delivery agent for ransomware, most notably ProLock and Egregor.[Trend Micro Qakbot December 2020][Red Canary Qbot][Kaspersky QakBot September 2021][ATT QakBot April 2021]

Cluster A Galaxy A Cluster B Galaxy B Level
TA577 (28f3dbcc-b248-442f-9ff3-234210bb2f2a) Tidal Groups QakBot (9050b418-5ffd-481a-a30d-f9059b0871ea) Tidal Software 1
QakBot (9050b418-5ffd-481a-a30d-f9059b0871ea) Tidal Software TA551 (8951bff3-c444-4374-8a9e-b2115d9125b2) Tidal Groups 1