trickbot | d6e0056de74d9728ad53fa09e398f5e178f9fbddc8d7710f4f6e12d0fdccd3af | Triage

Submit
Reports

Overview

overview

Static

static

3

0832656af4...ex.exe

windows7-x64

0832656af4...ex.exe

windows10-2004-x64

Sharing

General

Target

0832656af4eb3bexeexeexeex.exe
Size

544KB
Sample

230705-sykd9sde74
MD5

0832656af4eb3b3db19e87d588e138d5
SHA1

829b6efb4f2fa4b470568c248d8dae4e6088c1be
SHA256

d6e0056de74d9728ad53fa09e398f5e178f9fbddc8d7710f4f6e12d0fdccd3af
SHA512

6f473039b1f2bf45194e74dd4936e28feeb96fe5b6f6d41ff42e9246e6debaf5e7b4ea07fe8eefaeafa14b1ca27e3dca324428c91d2322ae069c6c74e15f3f11
SSDEEP

12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYD+vfYwtcWg:ZXQUIsQpMsequrmGQYwtcWg

Score

10^/10

trickbot banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0832656af4eb3bexeexeexeex.exe

Resource

win7-20230705-en

trickbot banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0832656af4eb3bexeexeexeex.exe

Resource

win10v2004-20230703-en

trickbot banker trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  0832656af4eb3bexeexeexeex.exe
- Size
  
  544KB
- MD5
  
  0832656af4eb3b3db19e87d588e138d5
- SHA1
  
  829b6efb4f2fa4b470568c248d8dae4e6088c1be
- SHA256
  
  d6e0056de74d9728ad53fa09e398f5e178f9fbddc8d7710f4f6e12d0fdccd3af
- SHA512
  
  6f473039b1f2bf45194e74dd4936e28feeb96fe5b6f6d41ff42e9246e6debaf5e7b4ea07fe8eefaeafa14b1ca27e3dca324428c91d2322ae069c6c74e15f3f11
- SSDEEP
  
  12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYD+vfYwtcWg:ZXQUIsQpMsequrmGQYwtcWg
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy