Dmitry Bestuzhev :verified: · @dimitribest
183 followers · 49 posts · Server infosec.exchange
Ongoing #Grandoreiro trojan #banker campaign targeting #Chile.
If victim's IP is out of Chile, there is a 403. For Chileans IPs it drops a malicious MSI with a random filename.
Extracted payload ->
28728fc47ec7d920830d036c5a9221ab *Binary.nmpDbaW.dll_1
original MSI: 0bd958b0c88d3614f563ea50f97c2121 *FOSKP89XAE.msi
Tx for the headsup, Ewald!
Si soy yo · @nuria_imeq
46 followers · 23 posts · Server fosstodon.org#Grandoreiro #malware
IOC: hxxps://factura11.blob.core.windows.net/es1/factura.html?1486682127689
https://bazaar.abuse.ch/sample/8f7324a4bb2f8486d116b526b43d4279ceac3a9fdd55492d84acf825c324b3b1/
Parliamo di news! · @parliamodinews
16 followers · 87685 posts · Server masthead.socialIl malware bancario Grandoreiro prende di mira i produttori in Spagna e Messico - Matrice Digitale #bancario #cybercrime #grandoreiro #malware #messico #spagna #Trojan #zscaler #22agosto https://parliamodi.news/article/aHR0cHM6Ly93d3cubWF0cmljZWRpZ2l0YWxlLml0L25vdGl6aWUvaWwtbWFsd2FyZS1iYW5jYXJpby1ncmFuZG9yZWlyby1wcmVuZGUtZGktbWlyYS1pLXByb2R1dHRvcmktaW4tc3BhZ25hLWUtbWVzc2ljby8=
#22agosto #zscaler #trojan #spagna #messico #malware #grandoreiro #cybercrime #bancario
ITSEC News · @itsecbot
687 followers · 32461 posts · Server schleuss.online
Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain - The Grandoreiro banking malware uses remote overlay and a fake Chrome browser plugin to steal from... more: https://threatpost.com/overlay-malware-exploits-chrome-browser-targets-banks-and-heads-to-spain/154713/ #bankingmalware #spainmalware #coronavirus #grandoreiro #malware #malspam #payload #url
#url #payload #malspam #malware #grandoreiro #coronavirus #spainmalware #bankingmalware