trickbot | 732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7

Resubmissions

29-01-2023 17:44

max time kernel
43s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29-01-2023 17:44

Target

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe
Size

329KB
MD5

27837c212d654407b893ca689aa71ed4
SHA1

ac0ec08c5a132c39a15626bf1f638ee6b545302e
SHA256

732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
SHA512

ed9601b607fe93ee26e1b4851a420ca5dc7687092199196b349e8ffcfdbfeae30d5762cd63612120620deb83ae92648a95f08e48257620d2787d40f1f772e559
SSDEEP

6144:6HBGzzdFCJx6fVyYlrXKkKQU5dr/pseozXgWRZB0sP/vUg:D3zZ8YNKaU5NBsemQWTBN

Score

10^/10

Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
trojan banker trickbot

Trickbot x86 loader 2 IoCs

Detected Trickbot's x86 loader that unpacks the x86 payload.

Processes:

resource	yara_rule
behavioral1/memory/2004-55-0x00000000003C0000-0x00000000003EB000-memory.dmp	trickbot_loader32
behavioral1/memory/2004-56-0x00000000003C0000-0x00000000003EB000-memory.dmp	trickbot_loader32

C:\Users\Admin\AppData\Local\Temp\732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe
"C:\Users\Admin\AppData\Local\Temp\732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe"
1⤵
PID:2004

memory/2004-54-0x0000000074AB1000-0x0000000074AB3000-memory.dmp

Filesize
8KB

Download
memory/2004-55-0x00000000003C0000-0x00000000003EB000-memory.dmp

Filesize
172KB

Download
memory/2004-56-0x00000000003C0000-0x00000000003EB000-memory.dmp

Filesize
172KB

Download