Analysis

  • max time kernel
    181s
  • max time network
    192s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    03-07-2022 16:01

General

  • Target

    3b954a95003838871dbfe77e0f8f390f4a72bb06651edaf2e60983dca6b72223.exe

  • Size

    492KB

  • MD5

    fc23fa436b55731d13db036e534913c9

  • SHA1

    806fb8500b37ef9b10bd79fdd6cf06ced1209566

  • SHA256

    3b954a95003838871dbfe77e0f8f390f4a72bb06651edaf2e60983dca6b72223

  • SHA512

    0f76041ee3f7cba562443cb00c053d7dadb4522082f4f3646c9367baf55fcf2b02d4dbf9865d589fbcab60b4ffda862a7bb08be4c304e11d8e44ff041305b3ab

Score
10/10

Malware Config

Signatures

  • Trickbot

    Developed in 2016, TrickBot is one of the more recent banking Trojans.

  • Trickbot x86 loader 3 IoCs

    Detected Trickbot's x86 loader that unpacks the x86 payload.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b954a95003838871dbfe77e0f8f390f4a72bb06651edaf2e60983dca6b72223.exe
    "C:\Users\Admin\AppData\Local\Temp\3b954a95003838871dbfe77e0f8f390f4a72bb06651edaf2e60983dca6b72223.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2024

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2024-130-0x00000000022B0000-0x00000000022B9000-memory.dmp
    Filesize

    36KB

  • memory/2024-132-0x0000000002210000-0x0000000002217000-memory.dmp
    Filesize

    28KB

  • memory/2024-133-0x00000000022B1000-0x00000000022B8000-memory.dmp
    Filesize

    28KB