← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Coyote Banking Trojan Targets LATAM with a Focus on Brazilian Financial Institutions
WHITE JordanPowell@123 2024-07-09 Modified: 2024-07-09
99
IOCs
HIGH VOLUME
Researchers have identified the Coyote banking Trojan, which is targeting Brazilian financial institutions, and is believed to be targeting customers in Latin American (LATAM) and the European Union (ECU).
cybersecuritytrojancoyotecoyote bankingsquirrellatamsha256focustrojan targetsblackberry blogresearchfebruarypythonexecutionloaderdefensemodulanim
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Modula Nim
Indicators of Compromise (99)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 YARA domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 071b6efd6d3ace1ad23ee0d6d3eead76 MD5 of 110b616bc12c29b070b0dc60c197a4d63b3e3caae6bb80a25b8864489a51da79 2024-07-09
FileHash-MD5 276f14d432601003b6bf0caa8cd82fec MD5 of 1bed3755276abd9b54db13882fcf29c543ebf604be3b7fcf060cbd6d68bcd23f 2024-07-09
FileHash-MD5 bf9c9cc94056bcdae6e579e724e8dbbd MD5 of eb615c093e9b52ed409f426764857e6e42aa85e02adef59d6f1457dcbb90bb40 2024-07-09
FileHash-SHA1 076b4c3a7cb4c5847b197e32a2849c460a40d84d SHA1 of 110b616bc12c29b070b0dc60c197a4d63b3e3caae6bb80a25b8864489a51da79 2024-07-09
FileHash-SHA1 bd30ada16bfd7de0224bbdaa67245f898546a8bb SHA1 of 1bed3755276abd9b54db13882fcf29c543ebf604be3b7fcf060cbd6d68bcd23f 2024-07-09
FileHash-SHA1 ee340d0cc2f5f807845a87ef8ff46579a8701939 SHA1 of eb615c093e9b52ed409f426764857e6e42aa85e02adef59d6f1457dcbb90bb40 2024-07-09
FileHash-SHA256 096d7765f278bb0de33fbfa0a15413a2432060d09c99f15c6ca900a6a8a46365 2024-07-09
FileHash-SHA256 110b616bc12c29b070b0dc60c197a4d63b3e3caae6bb80a25b8864489a51da79 2024-07-09
FileHash-SHA256 112edf53d4c560ab71f1b20856ec4d6096e0ea42b0271526b3415c3563300f06 2024-07-09
FileHash-SHA256 16cc13258a3e63be247c9adf18def0369bb72197bdb3668142bc50a6656047af 2024-07-09
FileHash-SHA256 1bed3755276abd9b54db13882fcf29c543ebf604be3b7fcf060cbd6d68bcd23f 2024-07-09
FileHash-SHA256 287b39f40ed541585c968b6529c44e9ccdd899bca0b88457907d994c2b5013f4 2024-07-09
FileHash-SHA256 3a14ab878697453832306a836e67915d7475481307c65268ceb1f900ff4ec25a 2024-07-09
FileHash-SHA256 3cc58b46d0babd561508d7b67c609e0e9be9a35db9425f1e8a29512a5229665a 2024-07-09
FileHash-SHA256 3edcf6a6b6cb254f72f0f2607fa4bb2ecb604475b448c9487e89fc76eb8f896e 2024-07-09
FileHash-SHA256 4806617bbc8187a89d5ed73cb818853e306d3699f87bd09940b0ecffdc96091d 2024-07-09
FileHash-SHA256 504a5902f20d0a7e3968251849cd88acd31e7fc895fc18d5c82076c5388df5bd 2024-07-09
FileHash-SHA256 5b3421beb6aaf3fd16831e1456475acac4f8e7c863869fb4d5dc9b1ae0576ef3 2024-07-09
FileHash-SHA256 6da5f450f3124e30e8091fda443cb416d29eab4e166a777263e004758acf2e69 2024-07-09
FileHash-SHA256 798fb8de9bb0434ee0b172793f5b68eb593054538cf5ec96e71a5a0759f6bcc5 2024-07-09
FileHash-SHA256 90ffb18c9d05bf6a61d90c57f299b70702c0e65dac90349b06d5e6833d6d2612 2024-07-09
FileHash-SHA256 9160ca25889427b2c2da4d4b14c4a93a707efc2ce07a49d5b8ab1a7f9be8ab55 2024-07-09
FileHash-SHA256 ae6676ad5b8ba386e88ae045eacc05225a657360963844cdf18db6a45318ea89 2024-07-09
FileHash-SHA256 aedffb9cf780bb52c68586ceb238fcaf90253524f06a4a338edc6437409e51c5 2024-07-09
FileHash-SHA256 c0833babb2982e36ac7646f7539f6a235a42bcf5375bc080d3ac9d031dc3b903 2024-07-09
FileHash-SHA256 d96c3e8dc899948bf92c377bb4872b19b5983b6eb2d59f00019345293601843c 2024-07-09
FileHash-SHA256 e0b65087cc83b899d53c153fcfd1420d15e369c3d196325396b50cb75681c27d 2024-07-09
FileHash-SHA256 e1c48e87d7386dc2edd54a1d3ac73d4af7e63eb2fc4f26f59ff15a9dd1dc1ac6 2024-07-09
FileHash-SHA256 e3d9cb8f4385a63e70305de36f8366e0b86d183322e860029455f145404c7e9c 2024-07-09
FileHash-SHA256 eb615c093e9b52ed409f426764857e6e42aa85e02adef59d6f1457dcbb90bb40 2024-07-09
FileHash-SHA256 ec605cc14c60e30682e84ec87d19034f7bd1399025ca11fbf3c4adeed85fadf0 2024-07-09
FileHash-SHA256 f6ed73bed9e6b992dbfdee64ff8c9dfde5e3f12c3ec6bbb4e2367fbd2ce75b6f 2024-07-09
FileHash-SHA256 fb8353e718397dcabd11d9bd8a500ffd54e2a57ac4722a34241757c60ba2bdff 2024-07-09
FileHash-SHA256 fcb8f32502147dbf8ef44ad99a41d9eaf639bb3d22c4de92a3022f501c9d8cb6 2024-07-09
YARA 51d6b367b547953a212e0f15a7f61e7f279f4531 2024-07-09
domain acaodegraca.com 2024-07-09
domain angelcallcenter.com 2024-07-09
domain atendesolucao.com 2024-07-09
domain autoglobalcar.com 2024-07-09
domain bancobmg.com.br 2024-07-09
domain bancobs2.com.br 2024-07-09
domain bancofibra.com.br 2024-07-09
domain bancopan.com.br 2024-07-09
domain bancotopazio.com.br 2024-07-09
domain banese.com.br 2024-07-09
domain banestes.b.br 2024-07-09
domain banestes.com.br 2024-07-09
domain bermatechcliente.com 2024-07-09
domain bestoraculo.com 2024-07-09
domain bilatex.com 2024-07-09
domain bitcointrade.com.br 2024-07-09
domain britoingresso.com 2024-07-09
domain btgmais.com 2024-07-09
domain carrodenatal.com 2024-07-09
domain carrosantigo.com 2024-07-09
domain centralsolucao.com 2024-07-09
domain cidadetran.bradesco 2024-07-09
domain cinebrian.com 2024-07-09
domain cloridatosys.com 2024-07-09
domain cora.com.br 2024-07-09
domain credisan.com.br 2024-07-09
domain credisisbank.com.br 2024-07-09
domain dowfinanceiro.com 2024-07-09
domain flogoral.com 2024-07-09
domain formitamina.com 2024-07-09
domain foxbit.com.br 2024-07-09
domain gargamellojas.com 2024-07-09
domain jogodequadra.com 2024-07-09
domain marvelnatal.com 2024-07-09
domain mercadobitcoin.com.br 2024-07-09
domain navegacaodura.com 2024-07-09
domain nograusistema.com 2024-07-09
domain rendimento.com.br 2024-07-09
domain safra.com.br 2024-07-09
domain safraempresas.com.br 2024-07-09
domain servicoasso.com 2024-07-09
domain sofisa.com.br 2024-07-09
domain sofisadireto.com.br 2024-07-09
domain stone.com.br 2024-07-09
domain tribanco.com.br 2024-07-09
domain turmadabruta.com 2024-07-09
domain unicred.com.br 2024-07-09
domain uniprime.com.br 2024-07-09
domain uniprimebr.com.br 2024-07-09
domain zeitbank.com.br 2024-07-09
hostname brbbanknet.brb.com.br 2024-07-09
hostname contaonline.viacredi.coop.br 2024-07-09
hostname ecode.daycoval.com.br 2024-07-09
hostname ib.banpara.b.br 2024-07-09
hostname ib.brde.com.br 2024-07-09
hostname ibpj.original.com.br 2024-07-09
hostname internetbanking.banpara.b.br 2024-07-09
hostname internetbanking.confesol.com.br 2024-07-09
hostname meu.original.com.br 2024-07-09
hostname nel.bnb.gov.br 2024-07-09
hostname www.banestes.com.br 2024-07-09
hostname www.rendimento.com.br 2024-07-09
hostname www2s.bancoamazonia.com.br 2024-07-09
hostname wwws.uniprimedobrasil.com.br 2024-07-09
References (1)
↗ https://blogs.blackberry.com/en/2024/07/coyote-banking-trojan-targets-latam-with-a-focus-on-brazilian-financial-institutions