trickbot | 732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7 | Triage

Submit
Reports

Overview

overview

Static

static

732a688e61...c7.exe

windows7-x64

732a688e61...c7.exe

windows10-2004-x64

Resubmissions

29-01-2023 17:44

230129-wbbqdshc5z 10

Sharing

General

Target

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
Size

329KB
Sample

230129-wbbqdshc5z
MD5

27837c212d654407b893ca689aa71ed4
SHA1

ac0ec08c5a132c39a15626bf1f638ee6b545302e
SHA256

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
SHA512

ed9601b607fe93ee26e1b4851a420ca5dc7687092199196b349e8ffcfdbfeae30d5762cd63612120620deb83ae92648a95f08e48257620d2787d40f1f772e559
SSDEEP

6144:6HBGzzdFCJx6fVyYlrXKkKQU5dr/pseozXgWRZB0sP/vUg:D3zZ8YNKaU5NBsemQWTBN

Score

10^/10

trickbot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe

Resource

win7-20220812-en

trickbot banker trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe

Resource

win10v2004-20220901-en

trickbot banker trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
- Size
  
  329KB
- MD5
  
  27837c212d654407b893ca689aa71ed4
- SHA1
  
  ac0ec08c5a132c39a15626bf1f638ee6b545302e
- SHA256
  
  732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
- SHA512
  
  ed9601b607fe93ee26e1b4851a420ca5dc7687092199196b349e8ffcfdbfeae30d5762cd63612120620deb83ae92648a95f08e48257620d2787d40f1f772e559
- SSDEEP
  
  6144:6HBGzzdFCJx6fVyYlrXKkKQU5dr/pseozXgWRZB0sP/vUg:D3zZ8YNKaU5NBsemQWTBN
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy