A Look Back: The Evolution of Latin American eCrime Malware in 2024

Dec. 18, 2024, 7:40 p.m.

Description

Latin American cybercrime continues to evolve as adversaries refine their tactics and techniques. Key developments in 2024 include the adoption of Rust for improved evasion, consistent use of multi-stage infection chains and malspam campaigns, and evidence of collaboration among threat actors. Notable updates were observed across malware families like Mispadu, Kiron, Caiman, Culebra, Salve, and Astaroth. These updates ranged from new delivery mechanisms and obfuscation techniques to enhanced stealer features. Despite innovations, Delphi-based components remain prevalent. The ongoing refinement of these malware families highlights the adaptability and ingenuity of Latin American cybercriminals in sustaining their operations.

Date

Published: Dec. 18, 2024, 7:17 p.m.

Created: Dec. 18, 2024, 7:17 p.m.

Modified: Dec. 18, 2024, 7:40 p.m.

Indicators


Attack Patterns

Astaroth

Salve

Caiman

Culebra

Kiron

Mispadu

Guildma

SAMBA SPIDER

T1574.002

T1059.005

T1059.003

T1059.001

T1189

T1059.007

T1573

T1071

T1102

T1020

T1036

T1204

T1140

T1132

T1027

T1001

T1566

T1059

Additional Information

Finance

Costa Rica

Chile

Argentina

Peru

Ecuador

Mexico

Brazil