General

  • Target

    a2ae841d1d66074bf6d0b98e52a58e76d2db80fff78b12d98fa6f2b6e6542287

  • Size

    1.2MB

  • Sample

    240408-ab9frsaf99

  • MD5

    5a8fb46f7bcc79de5c468099362088fc

  • SHA1

    43420f0955ec4c81bc58dd634eb9b1e23b38b62f

  • SHA256

    a2ae841d1d66074bf6d0b98e52a58e76d2db80fff78b12d98fa6f2b6e6542287

  • SHA512

    d4234acd7396b4271af69a883c5047ff402c6199aa07ae7c26fbb76d770285361dde2e7b0ca83541122333576f9f4fea651f1a317c059b469d699a2efa30dc97

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQt+4En+bcMAOFZ+jJ/1q0GrbcUxnMjC:E5aIwC+Agr6StVEnmcKWnq0vljC

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
