Grandoreiro banking trojan: overview of recent versions and new tricks
Common Information
Type | Value |
---|---|
UUID | 663cb372-565b-48d3-be83-a5ff854fb1e6 |
Fingerprint | 9e14193085ad0697 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Oct. 22, 2024, 6 p.m. |
Added to db | Oct. 22, 2024, 8:42 p.m. |
Last updated | Nov. 17, 2024, 6:54 p.m. |
Headline | Grandoreiro, the global trojan with grandiose ambitions |
Title | Grandoreiro banking trojan: overview of recent versions and new tricks |
Detected Hints/Tags/Attributes | 152/4/98 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://securelist.com/grandoreiro-banking-trojan/114257/ |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 223 | ✔ | Securelist | https://securelist.com/feed/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 95 | | ip-api.com |
Details | Domain | 338 | | kaspersky.com |
Details | | 28 | | crimewareintel@kaspersky.com |
Details | File | 2 | | atissddriver.exe |
Details | File | 15 | | atieclxx.exe |
Details | File | 22 | | regmon.exe |
Details | File | 74 | | procmon.exe |
Details | File | 271 | | chrome.exe |
Details | File | 128 | | msedge.exe |
Details | File | 199 | | firefox.exe |
Details | File | 263 | | iexplore.exe |
Details | File | 173 | | outlook.exe |
Details | File | 73 | | opera.exe |
Details | File | 15 | | brave.exe |
Details | File | 4 | | chromium.exe |
Details | File | 6 | | avastbrowser.exe |
Details | File | 2 | | hopper.exe |
Details | File | 3 | | nessusd.exe |
Details | File | 2 | | omnipeek.exe |
Details | File | 3 | | jd-gui.exe |
Details | File | 2 | | packetsled.exe |
Details | File | 19 | | netmon.exe |
Details | File | 29 | | filemon.exe |
Details | File | 2 | | canvas.exe |
Details | File | 2 | | prtg.exe |
Details | File | 2 | | colasoft.exe |
Details | File | 71 | | wireshark.exe |
Details | File | 2 | | pebrowsepro.exe |
Details | File | 2 | | cain.exe |
Details | File | 2 | | netwitness.exe |
Details | File | 56 | | processhacker.exe |
Details | File | 9 | | gdb.exe |
Details | File | 2 | | networkanalyzerpro.exe |
Details | File | 2 | | netscanpro.exe |
Details | File | 11 | | pchunter64.exe |
Details | File | 2 | | scylla.exe |
Details | File | 2 | | packetanalyzer.exe |
Details | File | 4 | | pchunter32.exe |
Details | File | 4 | | volatility.exe |
Details | File | 2 | | packettotal.exe |
Details | File | 3 | | joetrace.exe |
Details | File | 3 | | cffexplorer.exe |
Details | File | 9 | | tshark.exe |
Details | File | 40 | | ollydbg.exe |
Details | File | 2 | | angr.exe |
Details | File | 22 | | windump.exe |
Details | File | 5 | | ida.exe |
Details | File | 6 | | pestudio.exe |
Details | File | 3 | | probe.exe |
Details | File | 23 | | x64dbg.exe |
Details | File | 4 | | die.exe |
Details | File | 2 | | netflowanalyzer.exe |
Details | File | 2 | | cheatengine.exe |
Details | File | 17 | | ethereal.exe |
Details | File | 2 | | swjobengineworker2x64.exe |
Details | File | 5 | | ollyice.exe |
Details | File | 2 | | capsa.exe |
Details | File | 2 | | netperfmonservice.exe |
Details | File | 24 | | fiddler.exe |
Details | File | 22 | | tcpdump.exe |
Details | File | 2 | | solarwinds.dat |
Details | File | 2 | | aprocessor.exe |
Details | File | 13 | | devenv.exe |
Details | File | 5 | | networkminer.exe |
Details | File | 15 | | ettercap.exe |
Details | File | 3 | | radare2.exe |
Details | File | 2 | | smartsniff.exe |
Details | File | 5 | | apimonitor.exe |
Details | File | 2 | | ghidra.exe |
Details | File | 3 | | snort.exe |
Details | File | 3 | | apimonitor-x64.exe |
Details | File | 3 | | frida.exe |
Details | File | 3 | | pcap.exe |
Details | File | 2 | | apimonitor-x32.exe |
Details | File | 2 | | binaryninja.exe |
Details | File | 2 | | netperfmon.exe |
Details | File | 28 | | x32dbg.exe |
Details | File | 2 | | cutter.exe |
Details | File | 19 | | nmap.exe |
Details | File | 5 | | x96dbg.exe |
Details | File | 4 | | fakenet.exe |
Details | File | 2 | | hexworkshop.exe |
Details | File | 8 | | dbgview.exe |
Details | File | 2 | | sysexp.exe |
Details | File | 74 | | vmtoolsd.exe |
Details | File | 2 | | dotpeek.exe |
Details | File | 40 | | procexp64.exe |
Details | File | 5 | | procexp64a.exe |
Details | File | 64 | | procexp.exe |
Details | File | 15 | | trojan.pdf |
Details | Url | 12 | | http://ip-api.com/json |