trickbot | 6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3 | Triage

Submit
Reports

Overview

overview

Static

static

6c4b3d51fe...e3.exe

windows7-x64

6c4b3d51fe...e3.exe

windows10-2004-x64

Sharing

General

Target

6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3
Size

368KB
Sample

221018-dhfc2sebf8
MD5

ce0d380468c41fbc489fcaefcee3d211
SHA1

132fb83fa51c9624d2e5ddd6e5f40751ac839c63
SHA256

6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3
SHA512

7c15e5648f9250522dd5279eb1d9b2c8fe6db0a572501856cf8d4c66161a4b73d3b28a4462a5c3900d665cdffd26391ea78ea8b9941c3e7ef903611ea10c0a38
SSDEEP

6144:eo5N5OazOZaTDWlVnrchrahdOxveC2wo80/agxb0zLz4qh:emSuOcHmnYhrDMTrban4qh

Score

10^/10

trickbot banker evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3.exe

Resource

win7-20220901-en

trickbot banker evasion trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3.exe

Resource

win10v2004-20220812-en

trickbot banker trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3
- Size
  
  368KB
- MD5
  
  ce0d380468c41fbc489fcaefcee3d211
- SHA1
  
  132fb83fa51c9624d2e5ddd6e5f40751ac839c63
- SHA256
  
  6c4b3d51fe4c8c57b9e4cc2c31cd7960e47f66936e4ed4d321a0874b94204ee3
- SHA512
  
  7c15e5648f9250522dd5279eb1d9b2c8fe6db0a572501856cf8d4c66161a4b73d3b28a4462a5c3900d665cdffd26391ea78ea8b9941c3e7ef903611ea10c0a38
- SSDEEP
  
  6144:eo5N5OazOZaTDWlVnrchrahdOxveC2wo80/agxb0zLz4qh:emSuOcHmnYhrDMTrban4qh
Score

10^/10

trickbot banker evasion trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Stops running service(s)
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

trickbotbankerevasiontrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy