General
-
Target
202304294901e218eca77780eb4310db84875369icedid
-
Size
550KB
-
Sample
230507-aa3xlace2s
-
MD5
4901e218eca77780eb4310db84875369
-
SHA1
a2f4d1ca941f90271f4c0d64f2db21d0d4a24d6d
-
SHA256
e467af8a6df7b1e9717aebc189d6271c99643156bff6bd54f0546f871e1b873b
-
SHA512
3a136e5f99cd16272a3e32bd8a940ffb44ea3a42ba6cf84c4de98d13b549220ba7331ccccb7867899384fddc81b9dcf3d9afadd00800f6cc499b86db039a0074
-
SSDEEP
12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYrX4o5Oat0yuScux:ZXQUIsQpMsequrmGzd5OqcC
Malware Config
Targets
-
-
Target
202304294901e218eca77780eb4310db84875369icedid
-
Size
550KB
-
MD5
4901e218eca77780eb4310db84875369
-
SHA1
a2f4d1ca941f90271f4c0d64f2db21d0d4a24d6d
-
SHA256
e467af8a6df7b1e9717aebc189d6271c99643156bff6bd54f0546f871e1b873b
-
SHA512
3a136e5f99cd16272a3e32bd8a940ffb44ea3a42ba6cf84c4de98d13b549220ba7331ccccb7867899384fddc81b9dcf3d9afadd00800f6cc499b86db039a0074
-
SSDEEP
12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYrX4o5Oat0yuScux:ZXQUIsQpMsequrmGzd5OqcC
Score10/10-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-