Corkow

Description

(ESET) The malware, which has been in the wild since at least 2011, has demonstrated continuous activity in the past year, infecting thousands of users. Version numbering of the various Trojan modules is another indicator that the malware authors are continually developing the trojan.

The most common infection vector – drive-by downloads – has been used to spread the malware.

This Russian tool for committing bank fraud shares many characteristics with other malware families with a similar purpose, such as Zeus (also known as Zbot), JHUHUGIT, HesperBot, or Qadars, but also contains some unique functionality.

Several features, like enumeration of smart cards, targeting of dedicated banking applications mostly used by corporate customers, and looking for user activity regarding online banking sites and applications, electronic trading platform sites and applications, and so forth, all suggest that the attackers are focusing their sights on financial professionals and enterprises, whose bank accounts usually hold a higher balance than those of most individuals.

Names

Name
Corkow

Category

Malware

Type

  • Banking trojan

Information

Other Information

Uuid

2fb7e563-76f5-4ba4-a9e8-51f509dc804c

Last Card Change

2020-04-22