Retefe (87b69cb4-8b65-47ee-91b0-9b1decdd5c5c)

Retefe is a banking trojan that is distributed by what SWITCH CERT calls the Retefe gang or Operation Emmental. It uses geolocation-based targeting. It also leverages a fake root certificate and changes the DNS server used for domain name resolution in order to display fake banking websites to victims. It is spread primarily through malspam emails.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Retefe (87b69cb4-8b65-47ee-91b0-9b1decdd5c5c) | Banker | Dok (80acc956-d418-42e3-bddf-078695a01289) | Malpedia | 1 |
| Retefe (87b69cb4-8b65-47ee-91b0-9b1decdd5c5c) | Banker | Retefe (Android) (22ef1e56-7778-41d1-9b2b-737aa5bf9777) | Malpedia | 1 |