TreasureHunter

Description

(FireEye) In this article we examine TREASUREHUNT, POS malware that appears to have been custom-built for the operations of a particular “dump shop,” which sells stolen credit card data. TREASUREHUNT enumerates running processes, extracts payment card information from memory, and then transmits this information to a command and control server.

Names

Name
TreasureHunter
TREASUREHUNT
huntpos

Type

POS malware
Credential stealer

Information

https://www.fireeye.com/blog/threat-research/2016/03/treasurehunt_a_cust.html
https://isc.sans.edu/diary/How+Malware+Generates+Mutex+Names+to+Evade+Detection/19429/
https://www.flashpoint-intel.com/blog/treasurehunter-source-code-leaked/
http://adelmas.com/blog/treasurehunter.php
https://blog.group-ib.com/majikpos_treasurehunter_malware

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.treasurehunter

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:treasurehunt

Other Information

Uuid

fe027e13-3f88-49f6-8b42-2f435b61edc0

Last Card Change

2022-11-18

Threat Intelligence Garden

Explorer

TreasureHunter

TreasureHunter

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks