URLZone

Description

(FireEye) URLZone is a banking trojan. It downloads a configuration file that contains information on targeted financial institutions, and uses web injection techniques to steal a user’s banking credentials.

Names

Name
URLZone
Bebloh
Shiotob

Type

Banking trojan
Info stealer
Credential stealer

Information

https://www.fireeye.com/blog/threat-research/2016/01/urlzone_zones_inon.html
https://www.gdatasoftware.com/blog/2013/12/23978-bebloh-a-well-known-banking-trojan-with-noteworthy-innovations
https://www.johannesbader.ch/2015/01/the-dga-of-shiotob/
https://www.proofpoint.com/us/threat-insight/post/Vawtrak-UrlZone-Banking-Trojans-Target-Japan
https://www.arbornetworks.com/blog/asert/an-update-on-the-urlzone-banker/
https://www.cybereason.com/blog/new-ursnif-variant-targets-japan-packed-with-new-features
https://www.crowdstrike.com/blog/cutwail-spam-campaign-uses-steganography-to-distribute-urlzone/
https://www.virusbulletin.com/virusbulletin/2012/09/urlzone-reloaded-new-evolution/
http://blog.inquest.net/blog/2019/03/09/Analyzing-Sophisticated-PowerShell-Targeting-Japan/
https://krebsonsecurity.com/2011/07/trojan-tricks-victims-into-transfering-funds/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.urlzone

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:urlzone

Other Information

Uuid

c2c5c377-1ce2-4488-8dc9-300465eb096e

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

URLZone

URLZone

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks