trickbot | 55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0 | Triage

Submit
Reports

Overview

overview

Static

static

55c9300471...b0.exe

windows7-x64

55c9300471...b0.exe

windows10-2004-x64

Sharing

General

Target

55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0
Size

456KB
Sample

220725-sdb76abca3
MD5

d58a8f6dfeea35d6f39c1ae4b9dcbc9a
SHA1

8d68199e2ecf9e97f9d589bf331921e8505be4dc
SHA256

55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0
SHA512

ad4d17dc3bff7fd80a36405471bda911784068cd4cecb7ee37b24e6318634dcc0b6706ba3205d8cd2a0181cc3d644463bd345b8c44751ab4e36fb1efdafe9b3b

Score

10^/10

trickbot banker evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0.exe

Resource

win7-20220718-en

trickbot banker evasion trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0.exe

Resource

win10v2004-20220721-en

trickbot banker trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0
- Size
  
  456KB
- MD5
  
  d58a8f6dfeea35d6f39c1ae4b9dcbc9a
- SHA1
  
  8d68199e2ecf9e97f9d589bf331921e8505be4dc
- SHA256
  
  55c9300471a970d07973c6c9027f4096397da573807d746fc3428d7f6626fcb0
- SHA512
  
  ad4d17dc3bff7fd80a36405471bda911784068cd4cecb7ee37b24e6318634dcc0b6706ba3205d8cd2a0181cc3d644463bd345b8c44751ab4e36fb1efdafe9b3b
Score

10^/10

trickbot banker evasion trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Stops running service(s)
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

trickbotbankerevasiontrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy