CoreBot

Description

(IBM) CoreBot appears to be quite modular, which means that its structure and internal makeup were programmed in a way that allows for the easy adding of new data theft and endpoint control mechanisms.

CoreBot was discovered while the researchers were studying the activity of malware on Trusteer-protected enterprise endpoints. The malware’s compiled file was named “core” by its developer. Antivirus engines do not specify this malware’s name yet and detect it under generic names such as Dynamer!ac or Eldorado. But while CoreBot may appear artless at first glance, without real-time theft capabilities, it is more interesting on the inside.

Names

Name
CoreBot

Type

Credential stealer

Information

https://securityintelligence.com/watch-out-for-corebot-new-stealer-in-the-wild/
https://malwarebreakdown.com/2017/09/11/re-details-malspam-downloads-corebot-banking-trojan/
https://www.arbornetworks.com/blog/asert/wp-content/uploads/2016/02/ASERT-Threat-Intelligence-Brief-2016-02-Corebot-1.pdf
http://blog.deepinstinct.com/2017/11/08/a-deeper-dive-into-corebots-comeback/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.corebot

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:Corebot

Other Information

Uuid

91666db0-93e4-47ab-974f-277a3e19b707

Last Card Change

2020-05-13

Threat Intelligence Garden

Explorer

CoreBot

CoreBot

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks