New Banking Trojan Targets Brazil [Friday, March 08, 2024]

FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK in Brazil. This intrica...
New Banking Trojan Targets Brazil [Friday, March 08, 2024]
New Banking Trojan Targets Brazil

New Banking Trojan Targets Brazil

Description :
FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK in Brazil. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware. CHAVECLOAK is specifically designed to target users in Brazil, aiming to steal sensitive information linked to financial activities. It employs Portuguese language settings, indicating a strategic approach to the region, and actively monitors victims' interactions with financial portals. CHAVECLOAK exemplifies the sophistication of contemporary banking trojans, necessitating continual vigilance and proactive cybersecurity measures to safeguard against evolving threats within the financial landscape of South America.

Published Created Modified
2024-03-08 17:27:10 2024-03-08 17:27:10 2024-03-08 18:02:36

Tags

Indicators

IPv4s : Domains : Malwares :
  • CHAVECLOAK
Hashes :
  • 8b39baec4b955e8dfa585d54263fd84fea41a46554621ee46b769a706f6f965c
  • 131d2aa44782c8100c563cd5febf49fcb4d26952d7e6e2ef22f805664686ffff
  • 2ca1b23be99b6d46ce1bbd7ed16ea62c900802d8efff1d206bac691342678e55
  • 634542fdd6581dd68b88b994bc2291bf41c60375b21620225a927de35b5620f9
  • 4ab3024e7660892ce6e8ba2c6366193752f9c0b26beedca05c57dcb684703006
  • 51512659f639e2b6e492bba8f956689ac08f792057753705bf4b9273472c72c4
  • 48c9423591ec345fc70f31ba46755b5d225d78049cfb6433a3cb86b4ebb5a028
Location :
  • Brazil
MITRE ATT&CK Techniques :

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.