trickbot | 5f0f526224662093e053e734c0efee8f820c8664573bdf95bd20d4558814d4d9 | Triage

Analysis

max time kernel
35s
max time network
46s
platform
windows7_x64
resource
win7-20220718-en
resource tags

arch:x64arch:x86image:win7-20220718-enlocale:en-usos:windows7-x64system
submitted
31-07-2022 18:25

Sharing

Report Analysis Logs

General

Target

5f0f526224662093e053e734c0efee8f820c8664573bdf95bd20d4558814d4d9.exe
Size

509KB
MD5

5de0159c82fdd78e94b2565d105d3dae
SHA1

2b267c1cfde9af7d1807983f69d83cff234d0fe6
SHA256

5f0f526224662093e053e734c0efee8f820c8664573bdf95bd20d4558814d4d9
SHA512

8100297f681243c29d5d4e33d48d8bfa64b0dbef6530f8a1b78d6120a15f04d8ccc8a034865d5c9321e5bab97098ab2673385f1de62e3fb463a548ab5dc0cd94

Score

10^/10

trickbot banker trojan

Malware Config

Signatures

Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
trojan banker trickbot

Trickbot x86 loader 1 IoCs

Detected Trickbot's x86 loader that unpacks the x86 payload.

Processes:

resource	yara_rule
behavioral1/memory/272-54-0x0000000010000000-0x0000000010040000-memory.dmp	trickbot_loader32

C:\Users\Admin\AppData\Local\Temp\5f0f526224662093e053e734c0efee8f820c8664573bdf95bd20d4558814d4d9.exe
"C:\Users\Admin\AppData\Local\Temp\5f0f526224662093e053e734c0efee8f820c8664573bdf95bd20d4558814d4d9.exe"
1⤵
PID:272

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/272-54-0x0000000010000000-0x0000000010040000-memory.dmp

Filesize
256KB

Download