trickbot | 3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958 | Triage

Submit
Reports

Overview

overview

Static

static

3308ea4df1...58.exe

windows7-x64

3308ea4df1...58.exe

windows10-2004-x64

Sharing

General

Target

3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958
Size

288KB
Sample

221130-xhntzaeh67
MD5

4839a60c7038ba8a3df23995514ccf18
SHA1

a391eedf78aeb3da3fdb933f76e53d50f74d0c29
SHA256

3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958
SHA512

5920ab0509b0c73085e0210cb4d4d0bb0bbb89949ddce1f9fdd831437b0f327e9376d12528fd709af987377a4b3b0f1ebabd3dea4af22edfe4e8b059c5150eac
SSDEEP

3072:8aSRhCqhfMeYVisu7vVOYT4m/xVhaIlfd6ZO0o/KjUQUrzq9KjKT:8phCym9u7UuVQI36LoCjU7zqEO

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958.exe

Resource

win7-20220901-en

trickbot banker trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958.exe

Resource

win10v2004-20220901-en

trickbot banker trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958
- Size
  
  288KB
- MD5
  
  4839a60c7038ba8a3df23995514ccf18
- SHA1
  
  a391eedf78aeb3da3fdb933f76e53d50f74d0c29
- SHA256
  
  3308ea4df1eda5afde4c5a2c015e1cfe3952690d38243ed5a6e8052af98cb958
- SHA512
  
  5920ab0509b0c73085e0210cb4d4d0bb0bbb89949ddce1f9fdd831437b0f327e9376d12528fd709af987377a4b3b0f1ebabd3dea4af22edfe4e8b059c5150eac
- SSDEEP
  
  3072:8aSRhCqhfMeYVisu7vVOYT4m/xVhaIlfd6ZO0o/KjUQUrzq9KjKT:8phCym9u7UuVQI36LoCjU7zqEO
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy