W32/Bancos.HA!tr
Analysis
This threat is a "PE" executable file
Network/Internet:
- It spreads through: mass-emailing
- Connects to Server: HTTP
Files:
- Copies itself to: %SystemRoot%/%WinDir%
Installation to System:
- When run, it copies itself to: System and Windows directories
- And creates these registry entries: A Run entry to start upon startup
More Info:
This trojan targets the following online banking services:
- Caixa
- Mica Federal
- Bradesco
- Banco ITA
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR | |
Version Updates
Date | Version | Detail |
---|---|---|
2020-01-23 | 74.74100 | Sig Updated |
2019-12-31 | 74.20000 | Sig Updated |
2019-10-01 | 72.00100 | Sig Updated |
2019-08-27 | 71.17600 | Sig Updated |
2019-07-22 | 70.16100 | Sig Updated |
2019-07-15 | 69.99100 | Sig Updated |
2019-02-19 | 66.50100 | Sig Updated |
2019-01-17 | 65.70000 | Sig Updated |
2018-12-18 | 64.98900 | Sig Updated |
2018-11-24 | 64.41000 | Sig Updated |