Panda Banker: New Banking Trojan Hits the Market | Proofpoint US
Common Information
Type Value
UUID ccdcbe2e-1e3c-42a7-87db-27c0dd0f5c04
Fingerprint ef2d61bac8f0b4c7
Analysis status DONE
Considered CTI value 2
Text language
Published April 20, 2016, 8 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline Panda Banker: New Banking Trojan Hits the Market
Title Panda Banker: New Banking Trojan Hits the Market | Proofpoint US
Detected Hints/Tags/Attributes 76/3/60
Attributes
Details Type #Events CTI Value
Details CVE 51
cve-2014-1761
Details CVE 176
cve-2012-0158
Details File 1
gert.exe
Details File 1
panda.dat
Details File 24
login.jsp
Details File 19
kernelmode.inf
Details File 40
viewtopic.php
Details IPv4 1
78.128.92.31
Details Url 1
https://www.proofpoint.com/us/threat-insight/post/carbanak-cybercrime-group-targets-executives-of-financial-organizations-in-middle-east
Details Url 2
https://www.proofpoint.com/us/threat-insight/post/dyreza-campaigners-sights-on-fulfillment-warehousing-industry
Details Url 1
http://www.kernelmode.info/forum/viewtopic.php?f=16&t=4327
Details Url 1
https://www.fox-it.com/intell