← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
WHITE REF3076 Tr1sa111 2026-05-11 Modified: 2026-05-11
15
IOCs
MEDIUM VOLUME
whatsapp wormtclbankermavericksorvepotel
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
TCLBANKER MAVERICK SORVEPOTEL
Indicators of Compromise (15)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 e0d1eedaa0c1f98f50726df729594edc 2026-05-11
FileHash-SHA1 91fafaa1240676afe5c55d931261e3798797c408 2026-05-11
FileHash-SHA1 94f21c140afd18b43d5a0f274216545442b3f6cd 2026-05-11
FileHash-SHA256 63beb7372098c03baab77e0dfc8e5dca5e0a7420f382708a4df79bed2d900394 2026-05-11
FileHash-SHA256 668f932433a24bbae89d60b24eee4a24808fc741f62c5a3043bb7c9152342f40 2026-05-11
FileHash-SHA256 701d51b7be8b034c860bf97847bd59a87dca8481c4625328813746964995b626 2026-05-11
FileHash-SHA256 8a174aa70a4396547045aef6c69eb0259bae1706880f4375af71085eeb537059 2026-05-11
domain afonsoferragista.com 2026-05-11
domain arquivos-omie.com 2026-05-11
domain doccompartilhe.com 2026-05-11
domain documentos-online.com 2026-05-11
domain mxtestacionamentos.com 2026-05-11
domain recebamais.com 2026-05-11
domain saogeraldoshiping.com 2026-05-11
hostname window.navigator.chrome 2026-05-11
References (1)
↗ https://www.elastic.co/security-labs/tclbanker-brazilian-banking-trojan