Zeus Sphinx banking Trojan masquerades as relief payment
April 3, 2020
The Carrier
Password-protected malicious document (dubbed COVID 19 Relief.doc) distributed via phishing email.
It claims to gather details of individuals for relief payments offered by the government.
Once opened, it enables macros on the target's computer, infecting it with the Sphinx banking Trojan.
The Malware
The malicious code hijacks Windows processes to fetch a malware downloader (kofet.dll).
The downloader then fetches the final payload from the command-and-control (C2) server. After the system is fully compromised, the malware establishes persistence by modifying the Windows registry and injecting malicious data into %APPDATA% and other folders.
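For defenders, the chain described above can be matched stage by stage in endpoint telemetry. The following is an added example, not code from CloudSEK or the original post; the event schema, host names, paths, the assumption that the lure opens in Word, and the registry placeholder are all constructed for illustration, and only kofet.dll comes from the post.

```python
import ntpath

OFFICE = {"winword.exe"}   # assumption: the .doc lure is opened in Word
DOWNLOADER = "kofet.dll"   # downloader name given in the post

# Constructed sample events in a hypothetical schema (not real telemetry).
EVENTS = [
    {"ts": 1, "host": "ws-01", "type": "process_create",
     "parent": r"C:\Program Files\Office\WINWORD.EXE", "path": r"C:\Windows\System32\example.exe"},
    {"ts": 2, "host": "ws-01", "type": "file_create",
     "path": r"C:\Users\a\AppData\Local\Temp\kofet.dll"},
    {"ts": 3, "host": "ws-01", "type": "registry_set", "path": r"HKCU\<placeholder-key>"},
    {"ts": 4, "host": "ws-01", "type": "file_create",
     "path": r"C:\Users\a\AppData\Roaming\example\data.bin"},
    {"ts": 1, "host": "ws-02", "type": "process_create",
     "parent": "WINWORD.EXE", "path": r"C:\Windows\splwow64.exe"},
    {"ts": 2, "host": "ws-02", "type": "file_create",
     "path": r"C:\Users\b\AppData\Roaming\Microsoft\Templates\Normal.dotm"},
]

def stage_of(ev, seen):
    """Map one event to a stage of the described chain, or None."""
    kind, path = ev["type"], ev.get("path", "").lower()
    if kind == "process_create" and ntpath.basename(ev["parent"]).lower() in OFFICE:
        return "office_child"        # Office application spawning a process
    if kind in ("file_create", "image_load") and ntpath.basename(path) == DOWNLOADER:
        return "downloader"          # kofet.dll written or loaded
    if "downloader" in seen:         # persistence counts only after the downloader
        if kind == "registry_set":
            return "registry_mod"
        if kind == "file_create" and "\\appdata\\" in path:
            return "appdata_write"
    return None

def chain_by_host(events):
    """Return {host: [stages in the order first seen]}."""
    seen = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        stages = seen.setdefault(ev["host"], [])
        stage = stage_of(ev, stages)
        if stage and stage not in stages:
            stages.append(stage)
    return seen

def flagged(events, min_stages=3):
    """Hosts on which at least min_stages distinct stages were observed."""
    return sorted(h for h, s in chain_by_host(events).items() if len(s) >= min_stages)
```

Ordinary %APPDATA% writes and registry changes are too common to alert on alone, which is why the persistence stages are counted only after the downloader has been seen on the same host.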