Cinobi

Description

(Trend Micro) The Cinobi banking trojan is split into four stages, with each stage downloading additional components and possibly performing environment or anti-virtual machine (VM) checks. There are two command-and-control (C&C) servers, with one of them returning stages 2 to 4, while the other one returns the configuration files.

Names

Name
Cinobi

Type

Banking trojan
Backdoor
Info stealer

Information

https://www.trendmicro.com/en_us/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-.html
https://documents.trendmicro.com/assets/pdf/Tech%20Brief_Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users.pdf
https://blog.trendmicro.com/trendlabs-security-intelligence/operation-overtrap-targets-japanese-online-banking-users-via-bottle-exploit-kit-and-brand-new-cinobi-banking-trojan/
http://www.pwncode.io/2019/12/unpacking-payload-used-in-bottle-ek.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.cinobi

Other Information

Uuid

69f2b448-d8d2-4351-88f8-466fbea6328b

Last Card Change

2021-12-28

Threat Intelligence Garden

Explorer

Cinobi

Cinobi

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks