General

  • Target

    03a99897c4c14a3e70906071bd0205ad_JaffaCakes118

  • Size

    781KB

  • Sample

    240427-z9zrnagh28

  • MD5

    03a99897c4c14a3e70906071bd0205ad

  • SHA1

    5c2a0c531ccba09281d824b79fb706c9d6d8e7a2

  • SHA256

    6c59d5e1cbc381e8fabd6886b9202ccb8cb47fde6d197ef656ca9038d720562b

  • SHA512

    4599ab8992490391719d7e36bec9d1c97a484c6ca492ff6a1cdfb5ce298d9ee0f198460a03da99875b8f07d4427e13b37c8277b55cdf505fda5e6b4101b202b2

  • SSDEEP

    12288:F/w7sR5K9NxmyifoCQxoENybj1GgZ+aTw3W2eaq+cN:F/BkuA3jNynMBq+E

Score
10/10

Malware Config

Targets

    • Target

      03a99897c4c14a3e70906071bd0205ad_JaffaCakes118

    • Size

      781KB

    • MD5

      03a99897c4c14a3e70906071bd0205ad

    • SHA1

      5c2a0c531ccba09281d824b79fb706c9d6d8e7a2

    • SHA256

      6c59d5e1cbc381e8fabd6886b9202ccb8cb47fde6d197ef656ca9038d720562b

    • SHA512

      4599ab8992490391719d7e36bec9d1c97a484c6ca492ff6a1cdfb5ce298d9ee0f198460a03da99875b8f07d4427e13b37c8277b55cdf505fda5e6b4101b202b2

    • SSDEEP

      12288:F/w7sR5K9NxmyifoCQxoENybj1GgZ+aTw3W2eaq+cN:F/BkuA3jNynMBq+E

    Score
    10/10
    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks