Welcome to the Qakbot challenge! In this challenge, you will step into the shoes of a seasoned threat hunter and incident responder. You have been hired by the renowned company SolidLabs to assist with investigating a string of Qakbot attacks.

SolidLabs, a global leader in technological innovation, has been grappling with an increasing number of attacks that have put their valuable assets and confidential information at risk. Their network defenses have detected a recurring pattern in these attacks, pointing towards the notorious Qakbot malware as the primary culprit.

Qakbot, also known as Qbot, is a persistent strain of malware that has plagued organizations worldwide. It is notorious for its ability to stealthily infiltrate networks, establish a persistent presence, and exfiltrate sensitive data. SolidLabs does not possess the capabilities or expertise to investigate effectively and will rely on you to quickly and accurately scope the intrusion. You will also be asked to create detections that will uncover future attacks of the same nature.

The events in your SIEM can be found in the following timespan: 27 May 2023 - 4 June 2023.

Qakbot

Analyst

$17.49/mo

14 Days Free

Explore realistic pre-recorded attacks

Master full-featured defensive platforms

Browser-based challenges and modules

Extended attack videos

Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.

Defender

$44.49/mo

Instant fully interactive labs

Hands-on prevention and detection

Master offensive techniques

Security engineering exercises

Highly realistic and dynamic scenarios

Access to all Analyst-level content

Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.