General

  • Target

    5e02a568288390032621c6157be372199749fe33e65a0a77c4b45b2a1dbceb08

  • Size

    433KB

  • Sample

    220731-1lanasaehr

  • MD5

    482c816574a23bc607e22e05337e8197

  • SHA1

    450c44fd73af591d7944e461c847dd6b67e9b17a

  • SHA256

    5e02a568288390032621c6157be372199749fe33e65a0a77c4b45b2a1dbceb08

  • SHA512

    3d0fd087add2b1b412a7098dbe54a3b8e98668a226c9ce972a0e6042e072b54269252d33b0d17b9b3b3b8dd72e909f054034d23501856e7515237bce56d725c0

Score
10/10

Malware Config

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks