trickbot | 82d57d9cbb1b318333288e02fdb06624fdbc92aea6d34f4ea8dbf2f418d4211c | Triage

Submit
Reports

Overview

overview

Static

static

3

c2ce7e45ea...e5.exe

windows7-x64

c2ce7e45ea...e5.exe

windows10-2004-x64

Sharing

General

Target

10549576616.zip
Size

208KB
Sample

230527-sp5c3scb87
MD5

073a5a9ad0a2012f2ee609ffd7c3ec2e
SHA1

9be94cd8ac7711453c32d950dc84f018c91cdcfa
SHA256

82d57d9cbb1b318333288e02fdb06624fdbc92aea6d34f4ea8dbf2f418d4211c
SHA512

ad0a3bee68335bb687c05b0db841aaea568f678c8f6b1f98ceaf6f59b6a9e1c51e99c5a94b9c1fdadc0d58f5a92f87d1645316a0acb19f77006149cde34ba8ed
SSDEEP

6144:d5sle7vNuYJHYdQsFJP+yyE6LQEo2T8mwdKFOx1V:csvkY2RFJ/aLQEo24mGV

Score

10^/10

trickbot banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c2ce7e45eada01f39da7b16a1de4baa960274436e125781fa6ea686e8b7cb9e5.exe

Resource

win7-20230220-en

trickbot banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2ce7e45eada01f39da7b16a1de4baa960274436e125781fa6ea686e8b7cb9e5.exe

Resource

win10v2004-20230220-en

trickbot banker trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c2ce7e45eada01f39da7b16a1de4baa960274436e125781fa6ea686e8b7cb9e5
- Size
  
  332KB
- MD5
  
  0a85410c988ae0698352d21ed1215108
- SHA1
  
  776e65a26db3db3d54f2b2b709874e5fbd77c5ea
- SHA256
  
  c2ce7e45eada01f39da7b16a1de4baa960274436e125781fa6ea686e8b7cb9e5
- SHA512
  
  57b1f4760555c00ac7d09ffbb129fa60c4160aefb83c1c8aec1237f9bcde38314052e8de9cf43cb0217773fd809444556912da021b6308db04c7203fef31a17f
- SSDEEP
  
  6144:QHX9cfF3fJ+92LC04K/aRBukjP7Gv8zv1i/0qjl0HevGByrxgO9bbx:xt3fPWZsab1/28qJpv79bb
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy