Zeus Sphinx banking Trojan masquerades as relief payment

Yet another attempt to cash in on the fears of Coronavirus, with COVID-themed phishing. Zeus Sphynx targets banks, delivers malicious email attachments.
Updated on
February 27, 2023
Published on
April 3, 2020
Read time
Subscribe to the latest industry news, technologies and resources.

The Carrier

The Malware

  • The malicious code hijacks Windows processes to fetch a malware downloader (kofet.dll).
  • The downloader then fetches the final payload from C2C. After the system is fully compromised, the malware establishes persistence by modifying Windows registry, and injecting malicious data to %APPDATA% and other folders.

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Related Intelligence Posts
No items found.