BREAKING THE BANK(ER): AUTOMATED CONFIGURATION DATA EXTRACTION FOR BANKING MALWARE
Common Information
| Type | Value |
|---|---|
| UUID | 4d6e4365-6212-4458-be69-aeb39c78b637 |
| Fingerprint | 13edc3171f07d2f58c96fe80d22d8ebfadf65ed05feb9267b4052228e8b24397 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 24, 2016, 11:09 p.m. |
| Added to db | April 16, 2024, 6:44 p.m. |
| Last updated | Aug. 30, 2024, 11:59 p.m. |
| Headline | BREAKING THE BANK(ER): AUTOMATED CONFIGURATION DATA EXTRACTION FOR BANKING MALWARE |
| Title | BREAKING THE BANK(ER): AUTOMATED CONFIGURATION DATA EXTRACTION FOR BANKING MALWARE |
| Detected Hints/Tags/Attributes | 80/3/29 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 115 | sophos.com |
|
| Details | Domain | 3 | sniffer.py |
|
| Details | Domain | 111 | www.justice.gov |
|
| Details | Domain | 35 | www.europol.europa.eu |
|
| Details | Domain | 32 | paloaltonetworks.com |
|
| Details | Domain | 98 | www.secureworks.com |
|
| Details | Domain | 132 | www.sophos.com |
|
| Details | Domain | 10 | www.cuckoosandbox.org |
|
| Details | Domain | 1 | cuckoo.readthedocs.org |
|
| Details | Domain | 1 | securityblog.switch.ch |
|
| Details | Domain | 12 | www.volatilityfoundation.org |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 5 | ibsensoftware.com |
|
| Details | 2 | james.wyke@sophos.com |
||
| Details | File | 3 | sniffer.py |
|
| Details | File | 7 | g.py |
|
| Details | File | 1 | service-tpna.pdf |
|
| Details | File | 5 | products_aplib.html |
|
| Details | Github username | 3 | mitrecnd |
|
| Details | Url | 1 | http://www.justice.gov/opa/pr/us-leads-multi- |
|
| Details | Url | 1 | https://www.europol.europa.eu/content |
|
| Details | Url | 2 | http://www.secureworks.com/cyber- |
|
| Details | Url | 2 | https://www.sophos.com |
|
| Details | Url | 1 | http://www.cuckoosandbox.org/. |
|
| Details | Url | 1 | http://cuckoo.readthedocs.org/en/latest |
|
| Details | Url | 1 | http://securityblog.switch.ch/2015/06/18/so-long- |
|
| Details | Url | 3 | http://www.volatilityfoundation.org/. |
|
| Details | Url | 1 | https://github.com/mitrecnd/chopshop. |
|
| Details | Url | 4 | http://ibsensoftware.com/products_aplib.html |