General

  • Target

    kdfjglkdfg.exe

  • Size

    407KB

  • Sample

    201118-212jjjq5cj

  • MD5

    cd424ccdabd6cfac66395d687b41db6a

  • SHA1

    78fe1f1f5547865f1cac31e36da5e970bbf05268

  • SHA256

    4b592bd56c7d722bc226dcd4c37630c2483f3771a71e7d4f7e57e9ffb867458e

  • SHA512

    f59b6d2a210a4ef26b64597fe988c7e778cfa3f11f9f72297c11cd351f49640c56e0c102688a41be11a222531526119c0be5a68306f9fd79d45fe9df74c1acf9

Malware Config

Extracted

Family

trickbot

Version

100002

Botnet

tar3

C2


Attributes
  • autorun
    Name: pwgrab
  • ecc_pubkey.base64

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Dave packer

      Detects an executable packed with a packer that the community named 'Dave' because of a string at the end of it.
