Retefe Banking Trojan
Tags
country: Austria Switzerland Japan Sweden
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Credentials - T1589.001 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID c23187ff-5c91-459e-908d-96dfdd68b56b
Fingerprint f8051dd98c77e29d
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 29, 2016, 5 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 8, 2024, 11:30 a.m.
Headline Count Upon Security
Title Retefe Banking Trojan
Detected Hints/Tags/Attributes 63/3/8
Source URLs
Redirection Url
Details Source https://countuponsecurity.com/2016/02/29/retefe-banking-trojan/
URL Provider
Details Provider Source level domain
Details countuponsecurity.com countuponsecurity.com
Attributes
Details Type #Events CTI Value
Details Domain 15 
checkip.dyndns.com
Details Domain 62 
icanhazip.com
Details File 18 
1.apk
Details File 11 
config.cfg
Details sha1 1 
32ed8fb57e914d4f906e52328156f0e457d86761
Details sha1 1 
4bdc5ccd3e6aa70b3e601e1b4b23beaf09f33d7a
Details Windows Registry Key 1 
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates
Details Windows Registry Key 14 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet