General
-
Target
415e04eb340f1b092288cbcc71295a2c95e864fc1bbfcd55d6e3f5aa67099b1a.zip
-
Size
439KB
-
Sample
230311-s931racb2w
-
MD5
96617920aefe2454ddea73d30826c734
-
SHA1
81540cc1f165be60e2492d278177ea7c201a247e
-
SHA256
8520bbee9689bdc0781e16f8c81b47c65a1f2cf2210205ab7a0b53a891a0cd3e
-
SHA512
a9f8ec0f71dc7a210408b269d53aaa2c4fbc6621025f9ceecd32f416c83517be28634e4ef6a2cbf9263d57ca93a4aec8322cd652a5b610155d43d045b511390c
-
SSDEEP
12288:fJOeJwTXtUUxFMebMX/02tYl8wyhqUSYHfu6VoWl9KvRYy:AswTX9Mebm/02tI8wUS4u6OWlKF
Malware Config
Targets
-
-
Target
415e04eb340f1b092288cbcc71295a2c95e864fc1bbfcd55d6e3f5aa67099b1a.exe
-
Size
663KB
-
MD5
367b6a5c0e0e8ec68ea14a085b1d32b3
-
SHA1
d02f452d01660387fd78d40e9f2405c3e38c9668
-
SHA256
415e04eb340f1b092288cbcc71295a2c95e864fc1bbfcd55d6e3f5aa67099b1a
-
SHA512
6e07cd2dbbd729154b57afff569c9c9bc0e3cc23779698680c2f642cd9029fbe33a24222d9096599e8a54b43bc5eefe0b4590502093e0e35b9b769c67426d2d4
-
SSDEEP
12288:nO4BydKj3ACZfNFEnw6qJxs3UPwgDrZiI0OSnnox7Yu:OOyO3YnwFRPVXZf09nMD
Score10/10-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-