Overview

overview

10

Static

static

cb4dd27d08...60.exe

windows7-x64

10

cb4dd27d08...60.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    416s
  • max time network
    420s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02-11-2022 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cb4dd27d08d6def2d5e180f2a99dfc510165aa25c431edd229485fe386818c60.exe

  • Size

    760KB

  • MD5

    5e067587dd3c30aeb6098c4ed610b231

  • SHA1

    f44daebb6d0ae3422789bd5a8a15e0ea689a0e43

  • SHA256

    cb4dd27d08d6def2d5e180f2a99dfc510165aa25c431edd229485fe386818c60

  • SHA512

    8171e91bd36a9adc22f5836ede97ebe4f03f545267862c4dd69b492d9b3a2f34a21cd1c7ef3cc3777215d8c0da20119567fb168e7be866fa2d6e03040a4f3d17

  • SSDEEP

    12288:ODoEtDoTDoO9upOnYIhGEiqJ74B5sw/8wUXJwEwSJh:ODLDuDmuYIhGET7PnwS/

Score
10/10
trickbotbankertrojan

Malware Config

Signatures

  • Trickbot

    Developed in 2016, TrickBot is one of the more recent banking Trojans.

    trojanbankertrickbot
  • Trickbot x86 loader 2 IoCs

    Detected Trickbot's x86 loader that unpacks the x86 payload.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cb4dd27d08d6def2d5e180f2a99dfc510165aa25c431edd229485fe386818c60.exe
    "C:\Users\Admin\AppData\Local\Temp\cb4dd27d08d6def2d5e180f2a99dfc510165aa25c431edd229485fe386818c60.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1388-57-0x00000000005E0000-0x0000000000611000-memory.dmp
    Filesize

    196KB

    Download
  • memory/1388-59-0x00000000768A1000-0x00000000768A3000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1388-60-0x00000000005E0000-0x0000000000611000-memory.dmp
    Filesize

    196KB

    Download