trickbot | 13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45 | Triage

Submit
Reports

Overview

overview

Static

static

13ab909bcb...45.exe

windows7_x64

13ab909bcb...45.exe

windows10-2004_x64

Sharing

General

Target

13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45
Size

461KB
Sample

220603-f3r9fshef6
MD5

2ad53fba4e9752ea824e7e944db0e56b
SHA1

1d0d217d024485cd0026c58041bc856ec26478f9
SHA256

13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45
SHA512

01dc78c6da6d58a95df7e3abc1d732bad4ae446d6a9c5e4d848aa6d1061bb2352104a24b20e582263ebb60262399cf2e5160f5dea41fb2c9b27cbce8e988e0bc

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45.exe

Resource

win7-20220414-en

trickbot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45.exe

Resource

win10v2004-20220414-en

trickbot banker trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45
- Size
  
  461KB
- MD5
  
  2ad53fba4e9752ea824e7e944db0e56b
- SHA1
  
  1d0d217d024485cd0026c58041bc856ec26478f9
- SHA256
  
  13ab909bcbf0349feee2a78c565967e7c680b04f5fffa263b2c9884611bcec45
- SHA512
  
  01dc78c6da6d58a95df7e3abc1d732bad4ae446d6a9c5e4d848aa6d1061bb2352104a24b20e582263ebb60262399cf2e5160f5dea41fb2c9b27cbce8e988e0bc
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy