trickbot | ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84 | Triage

Submit
Reports

Overview

overview

Static

static

ee41d0d585...84.exe

windows7-x64

ee41d0d585...84.exe

windows10-2004-x64

Sharing

General

Target

ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84
Size

232KB
Sample

220731-freh8aaebp
MD5

fe0bf3c6a4d6c72a25690a967fdd0982
SHA1

19ed1b012e2b965e4832b6a83f01da3f8dbce379
SHA256

ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84
SHA512

1992eba8780a95aca116f90b329adf7b9f688aedbfad9dc2b511eb71ef3dd59580234b6cf1967736b5bef0bfdf0e5a384cc137797b82baff3d37f3de9a4bce4d

Score

10^/10

trickbot banker evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84.exe

Resource

win7-20220715-en

trickbot banker evasion trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84.exe

Resource

win10v2004-20220722-en

trickbot banker trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84
- Size
  
  232KB
- MD5
  
  fe0bf3c6a4d6c72a25690a967fdd0982
- SHA1
  
  19ed1b012e2b965e4832b6a83f01da3f8dbce379
- SHA256
  
  ee41d0d58592efe1cb10c83b5b380266f60f9df4f49311943019cea1780dcd84
- SHA512
  
  1992eba8780a95aca116f90b329adf7b9f688aedbfad9dc2b511eb71ef3dd59580234b6cf1967736b5bef0bfdf0e5a384cc137797b82baff3d37f3de9a4bce4d
Score

10^/10

trickbot banker evasion trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Stops running service(s)
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

trickbotbankerevasiontrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy