CoreBot is new information-stealing malware in the wild with a modular design that could turn it into something worse. IBM said some security detection systems are flagging CoreBot as Dynamer!ac or Eldorado. For now, it seems content vacuuming up system and email credentials, as well as software keys. The malware also uses Windows Power Shell and Microsoft automation and configuration management tools to download malware from the Internet. IBM also spotted a de-activated domain generation algorithm in the malware.
Source: https://threatpost.com/corebot-malware-steals-credentials-for-now/114475/