API tools faq
paste
Bank_Security

“BANLOAD” BANKING MALWARE

Bank_Security
May 15th, 2019
14,787
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.73 KB | None | 0 0
raw download clone embed print report
  1. GROUPS BEHIND “BANLOAD” BANKING MALWARE IMPLEMENT NEW TECHNIQUES
  2.  
  3.  
  4. Indicators of Compromise (IOCs)
  5. Golang Loader (MD5):
  6.  
  7. bd73f690fb9479ccfacad8cc3d36f002
  8. 64-bit Driver (MD5):
  9.  
  10. ef4048de1c678045520815c932e73f56
  11. PDB: F:\Sistema\Drivers-Denis\FileDelete\FileDelete\x64\Debug\B.pdb
  12. 32-bit Driver (MD5):
  13.  
  14. f54c335c5024cfa43c4673f3c99209b2
  15. PDB: F:\Sistema\Drivers-Denis\FileDelete\FileDelete\Debug\B.pdb
  16. Targeted Software
  17. #Sample 1
  18.  
  19. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys
  20. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
  21. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportHades64.sys
  22. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys
  23. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
  24. C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
  25. C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
  26. C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys
  27. C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
  28. C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
  29. C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
  30. C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
  31. C:\Program Files\AVAST Software\Avast\AvastUI.exe
  32. C:\Program Files\AVAST Software\Avast\AvLaunch.exe
  33. C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
  34. C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
  35. C:\Program Files\AVG\Antivirus\AVGUI.exe
  36. C:\Program Files\AVG\Antivirus\AvLaunch.exe
  37. #Sample 2
  38.  
  39. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys
  40. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
  41. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportHades64.sys
  42. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys
  43. C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
  44. C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
  45. C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
  46. C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys
  47. C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
  48. C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
  49. C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
  50. C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
  51. C:\Program Files\AVAST Software\Avast\AvastUI.exe
  52. C:\Program Files\AVAST Software\Avast\AvLaunch.exe
  53. C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
  54. C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
  55. C:\Program Files\AVG\Antivirus\AVGUI.exe
  56. C:\Program Files\AVG\Antivirus\AvLaunch.exe
  57. C:\Program Files\scpbrad\scpbradserv.exe
  58. C:\Program Files\scpbrad\scpbradguard.exe
  59. C:\Program Files\scpbrad\scpncmpsg.dll
  60. C:\Program Files (x86)\scpbrad\scpbradserv.exe
  61. C:\Program Files (x86)\scpbrad\scpbradguard.exe
  62. C:\Program Files (x86)\scpbrad\scpncmpsg.dll
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!