Overview

overview

10

Static

static

win10-standard

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b28e3da94bbeadd3d73d80007f889c1cde73bd53

  • Size

    451KB

  • Sample

    221007-a9ap4abbg6

  • MD5

    933103a4d17cfb59c3cdd3bc5562b9c0

  • SHA1

    b28e3da94bbeadd3d73d80007f889c1cde73bd53

  • SHA256

    2c418f0823efa7af1ce88a816add23e45058ff7ff5951251a450718861a4beb5

  • SHA512

    1b6b634292c6fab53bbfcef90c45a422a8cf4c5a36e051c5f82b79b0e9347b3ea00ac2c8b3855559f7b662bce92ea771e7aa4f8b332c185e9176608fa772e116

  • SSDEEP

    6144:A6D6bAa+urTedef/xi9hFj7AqnjtGaatHlqW6shOteyvd6XfRY:bXJfoijtGaaPqm0ey8XfRY

Score
10/10
trickbotbankertrojan

Malware Config

Targets

    • Target

      b28e3da94bbeadd3d73d80007f889c1cde73bd53

    • Size

      451KB

    • MD5

      933103a4d17cfb59c3cdd3bc5562b9c0

    • SHA1

      b28e3da94bbeadd3d73d80007f889c1cde73bd53

    • SHA256

      2c418f0823efa7af1ce88a816add23e45058ff7ff5951251a450718861a4beb5

    • SHA512

      1b6b634292c6fab53bbfcef90c45a422a8cf4c5a36e051c5f82b79b0e9347b3ea00ac2c8b3855559f7b662bce92ea771e7aa4f8b332c185e9176608fa772e116

    • SSDEEP

      6144:A6D6bAa+urTedef/xi9hFj7AqnjtGaatHlqW6shOteyvd6XfRY:bXJfoijtGaaPqm0ey8XfRY

    Score
    10/10
    trickbotbankertrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks