Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:40:23 UTC
Home > List all groups > List all tools > List all groups using tool Qadars
 Tool: Qadars
Names Qadars
Category Malware
Type Banking trojan, Backdoor, Credential stealer, Botnet
Description
(ESET) A new banking Trojan has been making its round in the past few months. First
publicly discussed by LEXSI, this banking Trojan has been very active, infecting users
throughout the world. Its modus operandi is banking fraud through web injection. While
this approach has been present for a long time in various banking Trojan families, it is still
effective. Win32/Qadars uses a wide variety of webinjects, some with Android mobile
components, used to bypass online banking security and to gain access to user’s bank
account. Usually, banking Trojans either target a broad array of financial institutions or
focus on a much smaller subset, usually institutions of which the user base is
geographically close. Win32/Qadars fall in the second category: it pinpoints users in
specific regions and uses webinject configuration files tailored to the banks most
commonly used by the victims.
Information
Malpedia AlienVault OTX Last change to this tool card: 24 May 2020
Download this tool card in JSON format
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=144de65c-7f10-4653-a970-eb3ea79e64e2
Page 1 of 2

All groups using tool Qadars
Changed Name Country Observed
Unknown groups
  _[ Interesting malware not linked to an actor yet ]_  
1 group listed (0 APT, 0 other, 1 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=144de65c-7f10-4653-a970-eb3ea79e64e2
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=144de65c-7f10-4653-a970-eb3ea79e64e2
Page 2 of 2