General

  • Target

    e1e8f2d69fe48bf6b52d75beb78cb36675b261b44b12682c860ce61176dfaaf2

  • Size

    500KB

  • Sample

    220731-f9y1kscbbn

  • MD5

    befa5f863f0135a4c707840bca4a00d8

  • SHA1

    59638e244df8b59916d1c16c94eae8ee8f2814b5

  • SHA256

    e1e8f2d69fe48bf6b52d75beb78cb36675b261b44b12682c860ce61176dfaaf2

  • SHA512

    7c4c59ebf90234ac018ba51c5a9a1d3804a5701388d87f04c4ccaf54be3fb0b88920ed7b8ee4f875704724363be3c762834bb529c0ea30c3b88930f1411b4154

Score
10/10

Malware Config

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry

    1 T1012

  • System Information Discovery

    2 T1082

Tasks