General

  • Target

    5b9e2624ff562a0574dc3c17e8427d5abd598b27861bd6670d13496ebaef419e

  • Size

    460KB

  • Sample

    220801-vrnjfsedh8

  • MD5

    3d55d71c3f0655837694ea125687e479

  • SHA1

    c710e631c126e7aab7daeadef15b8c38f0e8e132

  • SHA256

    5b9e2624ff562a0574dc3c17e8427d5abd598b27861bd6670d13496ebaef419e

  • SHA512

    d96a99887c3098a7cd18f70b5677ddb887bec05b7c9a8c896eee685136e89b69e375272c5f466037f5e231e1bf9137a442b403bf8793e8adf448862d4b4c44f7

Score
10/10

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
