Numando

Description

(ESET) The threat actor behind this malware family has been active since at least 2018. Even though it is not nearly as lively as Mekotio or Grandoreiro, it has been consistently used since we started tracking it, bringing interesting new techniques to the pool of Latin American banking trojans’ tricks, like using seemingly useless ZIP archives or bundling payloads with decoy BMP images. Geographically, it focuses almost exclusively on Brazil with rare campaigns in Mexico and Spain.

Names

Name
Numando

Type

Banking trojan
Reconnaissance
Backdoor
Keylogger
Info stealer
Credential stealer

Information

https://www.welivesecurity.com/2021/09/17/numando-latam-banking-trojan/
https://www.welivesecurity.com/2020/10/01/latam-financial-cybercrime-competitors-crime-sharing-ttps/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.numando

Other Information

Uuid

69a2b688-207b-49f4-a1f8-8ac568b6eca9

Last Card Change

2021-12-28

Threat Intelligence Garden

Explorer

Numando

Numando

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks