General

  • Target

    7fc255b60b2929319f76d4d7e104326b0d057b9d7805bd499464217ad26951c5

  • Size

    1.1MB

  • Sample

    240328-2cefkaab8y

  • MD5

    9fc4037de2b5eddf03e896723770d08b

  • SHA1

    fc3a962e1e80982660afaf1cfa9e999055a7a0f4

  • SHA256

    7fc255b60b2929319f76d4d7e104326b0d057b9d7805bd499464217ad26951c5

  • SHA512

    959011889129a0f7eb7a32e046184db92c34a8fd353268f980721062e022fdd636970a05de3e9f4ae3f576ee4bf224d7b95a88c072e155396a814be043d8be3b

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQGCZLFdGm1Sdr36OTcge+:E5aIwC+Agr6S/FEr

Malware Config

Targets

    • Target

      7fc255b60b2929319f76d4d7e104326b0d057b9d7805bd499464217ad26951c5

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks