Dumping Core: Analytical Findings on Trojan.Corebo

February 10, 2016 ASERT team

Download the full report here.

The Corebot banking trojan was initially discovered and documented last year by researchers at Security Intelligence. Since then, it has evolved rapidly and, in terms of capabilities such as browser-based web injections, it is now similar to the dominant banking malware such as Zeus, Neverquest, and Dyreza although its actual impact to date is nowhere close.

ASERT has been studying and monitoring Corebot since shortly after it was initially documented and an in-depth analysis of Corebot’s inner workings are provided in this threat intelligence report, including coverage of its cryptography, network behavior, and banking targets.


Previous Article
Estimating the Revenue of a Russian DDoS Booter
Estimating the Revenue of a Russian DDoS Booter

At the end of 2014, ASERT presented research where we mapped some DDoS booter advertisements on Russian lan...

Next Article
The Big Bong Theory: Conjectures on a Korean Banking Trojan

Download the full report here. ASERT has been analyzing samples of a banking trojan targeting South Korean ...