trickbot | 76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0 | Triage

Submit
Reports

Overview

overview

Static

static

76ab3bab55...b0.exe

windows7-x64

76ab3bab55...b0.exe

windows10-2004-x64

Sharing

General

Target

76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0
Size

492KB
Sample

220731-kwt7paabej
MD5

e29212a7f10f41c4404f694162b91de8
SHA1

cb189d1eb74822a12b3f4efba5328400d7d81da0
SHA256

76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0
SHA512

a86688ac819f7692ee7bc485bf7d89e53f6f422dffe036aa5a10730c82c6db816a4b25583835a77b8c76d674e5ac0b800752c5d6c69ca1c8cbd3003fa72ac40b

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0.exe

Resource

win7-20220718-en

trickbot banker trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0.exe

Resource

win10v2004-20220721-en

trickbot banker trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0
- Size
  
  492KB
- MD5
  
  e29212a7f10f41c4404f694162b91de8
- SHA1
  
  cb189d1eb74822a12b3f4efba5328400d7d81da0
- SHA256
  
  76ab3bab55e55afdff24f971410b2e7b071edac304bddb791d687a0c084289b0
- SHA512
  
  a86688ac819f7692ee7bc485bf7d89e53f6f422dffe036aa5a10730c82c6db816a4b25583835a77b8c76d674e5ac0b800752c5d6c69ca1c8cbd3003fa72ac40b
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy