ioc[.]one - OSINT Cyber Threat Intelligence Database

Grandoreiro, the global trojan with grandiose ambitions

Tags

cmtmf-attack-pattern:	Masquerading
country:	Algeria Angola Antigua And Barbuda Argentina Australia Bahamas Barbados Belgium Belize Venezuela Brazil Canada Cayman Islands Switzerland Chile Colombia Costa Rica Dominican Republic Uruguay Ecuador Ethiopia Nigeria France Ghana Haiti Honduras India Kenya Spain Laos Malta Mexico Mozambique New Zealand Panama Paraguay Peru Philippines Poland Portugal South Africa Uganda Tanzania United Kingdom
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Binary Padding - T1027.001 Clipboard Data - T1414 Credentials - T1589.001 Domain Generation Algorithms - T1637.001 Domain Generation Algorithms - T1568.002 Domain Generation Algorithms - T1520 Domain Generation Algorithms - T1483 Domains - T1583.001 Domains - T1584.001 Malicious Link - T1204.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Software - T1592.002 Tool - T1588.002 Binary Padding - T1009 Clipboard Data - T1115 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	b6a00179-7d48-450c-8912-7f7d9167589b
Fingerprint	9e14193085bd0697
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 22, 2024, 6:05 p.m.
Added to db	Oct. 22, 2024, 8:44 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Grandoreiro, the global trojan with grandiose ambitions
Title	Grandoreiro, the global trojan with grandiose ambitions
Detected Hints/Tags/Attributes	153/4/96

Source URLs

	Redirection	Url
Details	Source	https://malware.news/t/grandoreiro-the-global-trojan-with-grandiose-ambitions/87723

URL Provider

Details	Provider	Source level domain
Details	malware.news	malware.news

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	158	✔	Malware Analysis, News and Indicators - Latest topics	https://malware.news/latest.rss	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	95	ip-api.com
Details	File	2	atissddriver.exe
Details	File	15	atieclxx.exe
Details	File	22	regmon.exe
Details	File	74	procmon.exe
Details	File	271	chrome.exe
Details	File	128	msedge.exe
Details	File	199	firefox.exe
Details	File	263	iexplore.exe
Details	File	173	outlook.exe
Details	File	73	opera.exe
Details	File	15	brave.exe
Details	File	4	chromium.exe
Details	File	6	avastbrowser.exe
Details	File	2	hopper.exe
Details	File	3	nessusd.exe
Details	File	2	omnipeek.exe
Details	File	3	jd-gui.exe
Details	File	2	packetsled.exe
Details	File	19	netmon.exe
Details	File	29	filemon.exe
Details	File	2	canvas.exe
Details	File	2	prtg.exe
Details	File	2	colasoft.exe
Details	File	71	wireshark.exe
Details	File	2	pebrowsepro.exe
Details	File	2	cain.exe
Details	File	2	netwitness.exe
Details	File	56	processhacker.exe
Details	File	9	gdb.exe
Details	File	2	networkanalyzerpro.exe
Details	File	2	netscanpro.exe
Details	File	11	pchunter64.exe
Details	File	2	scylla.exe
Details	File	2	packetanalyzer.exe
Details	File	4	pchunter32.exe
Details	File	4	volatility.exe
Details	File	2	packettotal.exe
Details	File	3	joetrace.exe
Details	File	3	cffexplorer.exe
Details	File	9	tshark.exe
Details	File	40	ollydbg.exe
Details	File	2	angr.exe
Details	File	22	windump.exe
Details	File	5	ida.exe
Details	File	6	pestudio.exe
Details	File	3	probe.exe
Details	File	23	x64dbg.exe
Details	File	4	die.exe
Details	File	2	netflowanalyzer.exe
Details	File	2	cheatengine.exe
Details	File	17	ethereal.exe
Details	File	2	swjobengineworker2x64.exe
Details	File	5	ollyice.exe
Details	File	2	capsa.exe
Details	File	2	netperfmonservice.exe
Details	File	24	fiddler.exe
Details	File	22	tcpdump.exe
Details	File	2	solarwinds.dat
Details	File	2	aprocessor.exe
Details	File	13	devenv.exe
Details	File	5	networkminer.exe
Details	File	15	ettercap.exe
Details	File	3	radare2.exe
Details	File	2	smartsniff.exe
Details	File	5	apimonitor.exe
Details	File	2	ghidra.exe
Details	File	3	snort.exe
Details	File	3	apimonitor-x64.exe
Details	File	3	frida.exe
Details	File	3	pcap.exe
Details	File	2	apimonitor-x32.exe
Details	File	2	binaryninja.exe
Details	File	2	netperfmon.exe
Details	File	28	x32dbg.exe
Details	File	2	cutter.exe
Details	File	19	nmap.exe
Details	File	5	x96dbg.exe
Details	File	4	fakenet.exe
Details	File	2	hexworkshop.exe
Details	File	8	dbgview.exe
Details	File	2	sysexp.exe
Details	File	74	vmtoolsd.exe
Details	File	2	dotpeek.exe
Details	File	40	procexp64.exe
Details	File	5	procexp64a.exe
Details	File	64	procexp.exe
Details	File	15	trojan.pdf
Details	md5	3	f0243296c6988a3bce24f95035ab4885
Details	md5	3	dd2ea25752751c8fb44da2b23daf24a4
Details	md5	3	555856076fad10b2c0c155161fb9384b
Details	md5	3	49355fd0d152862e9c8e3ca3bbc55eb0
Details	md5	3	43eec7f0fecf58c71a9446f56def0240
Details	md5	3	150de04cb34fdc5fd131e342fe4df638
Details	md5	3	b979d79be32d99824ee31a43deccdb18
Details	Url	12	http://ip-api.com/json