trickbot | 332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af | Triage

Submit
Reports

Overview

overview

Static

static

332f79bcb0...af.exe

windows7-x64

332f79bcb0...af.exe

windows10-2004-x64

Sharing

General

Target

332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af
Size

456KB
Sample

230129-wba4vsfh34
MD5

92a1c42ec74509a9adbf7fc75b883744
SHA1

503be973393e658c26398129787a76f1be78ed9d
SHA256

332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af
SHA512

e9b25c38d90423be639bd321330ff9115b1a9de2c5d276b487a9b7ed52aecd70ca7f0889ceb9ba9906b389caffff147231daf5010c919f99b9b71aa63bfa80f2
SSDEEP

6144:B0NHLXu06G10lVMuofe6FC5T+9GvoiOMhV1v5iulsUUg0GyRo/vAGhwd/K6786TQ:mFLXuhXVMuTVT+IQiO0V5blsJGyCMbGf

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af.exe

Resource

win7-20220901-en

trickbot banker trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af.exe

Resource

win10v2004-20220812-en

trickbot banker trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af
- Size
  
  456KB
- MD5
  
  92a1c42ec74509a9adbf7fc75b883744
- SHA1
  
  503be973393e658c26398129787a76f1be78ed9d
- SHA256
  
  332f79bcb0db2d1448dc2bb1d9385abcf35647f13fa6360343fc87b9d793a1af
- SHA512
  
  e9b25c38d90423be639bd321330ff9115b1a9de2c5d276b487a9b7ed52aecd70ca7f0889ceb9ba9906b389caffff147231daf5010c919f99b9b71aa63bfa80f2
- SSDEEP
  
  6144:B0NHLXu06G10lVMuofe6FC5T+9GvoiOMhV1v5iulsUUg0GyRo/vAGhwd/K6786TQ:mFLXuhXVMuTVT+IQiO0V5blsJGyCMbGf
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy