← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Grandoreiro Banking Malware Resurfaces for Tax Season
WHITE AlienVault 2022-05-27 Modified: 2022-06-26
17
IOCs
MEDIUM VOLUME
Researchers observed in early April a Grandoreiro malware campaign targeting bank users from Brazil, Spain, and Mexico. The campaign exploits the tax season in target countries by sending out tax-themed phishing emails.
grandoreiromsi installerdelphibanks
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Grandoreiro
Indicators of Compromise (3 / 17 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 72759c77ca4b837fdc3927372b300f56 MD5 of be3bebab8db0087d92316b5f54b5aaf5f51fbf46 2022-05-27
FileHash-MD5 8d7868c9914191945e5e81ac80c5d4bd MD5 of 5dd0b062dda3991c09e439f0688ba94004573d6e 2022-05-27
FileHash-MD5 cc2c7c9cdd4d7c1904458fdd944b0bb0 MD5 of aadc8a089d1288e91e6ba9e095d37d30de3bbb18 2022-05-27
References (1)
↗ https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/grandoreiro-banking-malware-resurfaces-for-tax-season/