trickbot | b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166 | Triage

Submit
Reports

Overview

overview

Static

static

b1dff95ce2...66.exe

windows7-x64

b1dff95ce2...66.exe

windows10-2004-x64

Sharing

General

Target

b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166
Size

740KB
Sample

220731-kwp8qsabdp
MD5

94e17391b28b4ede8df39dc8b0fa329f
SHA1

3bbfccc52f6f62ad132dc7a47a1fa460a31da1b7
SHA256

b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166
SHA512

f621808783196877830f8bc8daf023f3053ebff18347c589d60590f48e7e3ccccfaffe774aaaaae3d5a704c37d08f29dd7f8c2341d873eeed00d969bc669ea3b

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166.exe

Resource

win7-20220715-en

trickbot banker trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166.exe

Resource

win10v2004-20220721-en

trickbot banker trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166
- Size
  
  740KB
- MD5
  
  94e17391b28b4ede8df39dc8b0fa329f
- SHA1
  
  3bbfccc52f6f62ad132dc7a47a1fa460a31da1b7
- SHA256
  
  b1dff95ce2aa69c70a79b6bf7897b1f614908d882322fc177d2199a09414e166
- SHA512
  
  f621808783196877830f8bc8daf023f3053ebff18347c589d60590f48e7e3ccccfaffe774aaaaae3d5a704c37d08f29dd7f8c2341d873eeed00d969bc669ea3b
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy