ioc[.]one - OSINT Cyber Threat Intelligence Database

Zeus Panda Banking Trojan Targets Online Holiday Shoppers | Proofpoint US

Tags

country:	Australia Canada New Zealand South Africa
attack-pattern:	Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	aaca7e33-372c-4045-ba95-b78a04156faa
Fingerprint	218d69b9895ae08d
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 14, 2017, 10:45 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Oct. 14, 2024, 10:37 a.m.
Headline	Zeus Panda Banking Trojan Targets Online Holiday Shoppers
Title	Zeus Panda Banking Trojan Targets Online Holiday Shoppers \| Proofpoint US
Detected Hints/Tags/Attributes	40/2/18

Source URLs

	Redirection	Url
Details	Source	https://www.proofpoint.com/us/threat-insight/post/zeus-panda-banking-trojan-targets-online-holiday-shoppers

URL Provider

Details	Provider	Source level domain
Details	proofpoint.com	www.proofpoint.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		canadapost-packagecenter.com
Details	Domain	2		gromnes.top
Details	Domain	2		aklexim.top
Details	Domain	1		kichamyn.top
Details	File	17		resume.doc
Details	File	2		receipt-package-5a0a062cae04a.doc
Details	File	1		bigmac.jpg
Details	md5	1		0849e22e843170e1600c1910df8cf9da
Details	sha256	1		5f7a1b02d5b2904554e65bd01a12f1fa5ff2121eef53f3942c4e9e29c46bdce3
Details	sha256	1		e13594d83f2a573627e742baf33298b9eeec1ebb8c7955304b8c35559e5f23dc
Details	sha256	1		2514dbf1549b517692e415af85baa6e5eca926cdedb526d2e255b5943501d98b
Details	sha256	1		ae92a4a5bc64db6af23219d7fa2d8bce98a5d7eb2eff7193e4f49698e3e5650d
Details	IPv4	1		80.82.67.217
Details	IPv4	3		89.248.169.136
Details	Url	1		https://canadapost-packagecenter.com
Details	Url	1		http://80.82.67.217/moo.jpg
Details	Url	1		http://www.nfk-trading.com/analyticsmmrxbctq/redirect/0849e22e843170e1600c1910df8cf9da-id-qblozsmn-to-package-awaiting
Details	Url	1		http://89.248.169.136/bigmac.jpg