VirusW32/Bancos.HA!tr
Analysis
This threat is a "PE" executable file
Network/Internet:
- It spreads through: mass-emailing
- Connects to Server: HTTP
Files:
- Copies itself to: undefinedSystemRootundefined/undefinedWinDirundefined
Installation to System:
- When run, it copies itself to:
System and Windows directories - And creates these registry entries:
A Run entry to start upon startup
More Info:
This trojan targets the following online banking services :
- Caixa
- Mica Federal
- Bradesco
- Banco ITA
Telemetry
Detection Availability
| FortiGate | |
|---|---|
| Extended | |
| FortiClient | |
| FortiMail | |
| FortiSandbox | |
| FortiWeb | |
| Web Application Firewall | |
| FortiIsolator | |
| FortiDeceptor | |
| FortiEDR |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-01-23 | 74.74100 | Sig Updated |
| 2019-12-31 | 74.20000 | Sig Updated |
| 2019-10-01 | 72.00100 | Sig Updated |
| 2019-08-27 | 71.17600 | Sig Updated |
| 2019-07-22 | 70.16100 | Sig Updated |
| 2019-07-15 | 69.99100 | Sig Updated |
| 2019-02-19 | 66.50100 | Sig Updated |
| 2019-01-17 | 65.70000 | Sig Updated |
| 2018-12-18 | 64.98900 | Sig Updated |
| 2018-11-24 | 64.41000 | Sig Updated |