Qakbot is a multi-component malware threat. It continuously evolved to avoid easy detection on and removal from an infected system. Early variants used constant file names which had the string,“_qbot” in them. They utilized a single layer of encryption for their configuration files. Later variants have set the configuration files’ attribute to Hidden and used random names for their component files and folders. They also doubled their configuration files’ ability to encrypt, which made them harder to decrypt and analyze. It may be downloaded onto a system when a user visits malicious sites. It may also arrive via .PDF files.