ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Dark Tequila

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Dark Tequila

NamesDark Tequila
CategoryMalware
TypeBanking trojan, Backdoor, Info stealer, Credential stealer
Description(Kaspersky) Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to popular websites that range from code versioning repositories to public file storage accounts and domain registrars.

A multi-stage payload is delivered to the victim only when certain conditions are met; avoiding infection when security suites are installed or the sample is being run in an analysis environment. From the target list retrieved from the final payload, this particular campaign targets customers of several Mexican banking institutions and contains some comments embedded in the code written in the Spanish language, using words only spoken in Latin America.
Information<https://securelist.com/dark-tequila-anejo/87528/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.darktequila>

Last change to this tool card: 23 May 2020

Download this tool card in JSON format

Previous: DarkPulsar
Next: DarkVNC

All groups using tool Dark Tequila

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key