General

  • Target

    914ce8f302d715d7f8ed70ea6051828052eb2f90fc7f036a5fd2e14558424e79

  • Size

    1.3MB

  • Sample

    240501-a5dk7ade97

  • MD5

    3829842fad4d6db70175eff4b17d3148

  • SHA1

    421befc0b5aac020857a78088e79d538405ca7cb

  • SHA256

    914ce8f302d715d7f8ed70ea6051828052eb2f90fc7f036a5fd2e14558424e79

  • SHA512

    cc1f85e3c0976dddabb1910759098ffecc8bd4d874f93d97f0971aab18d9d79b278c3a14f41778ab6a1ed020d3a4cf6319faae62ad3ab53a156cc5f038b4b08a

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQtpj/Yz6XVSvmHaZ9uvCnWF1WXmp7amF:E5aIwC+Agr6St1lOqIucI1WAX

Malware Config

Targets

    • Target

      914ce8f302d715d7f8ed70ea6051828052eb2f90fc7f036a5fd2e14558424e79

    • Size

      1.3MB

    • MD5

      3829842fad4d6db70175eff4b17d3148

    • SHA1

      421befc0b5aac020857a78088e79d538405ca7cb

    • SHA256

      914ce8f302d715d7f8ed70ea6051828052eb2f90fc7f036a5fd2e14558424e79

    • SHA512

      cc1f85e3c0976dddabb1910759098ffecc8bd4d874f93d97f0971aab18d9d79b278c3a14f41778ab6a1ed020d3a4cf6319faae62ad3ab53a156cc5f038b4b08a

    • SSDEEP

      24576:zQ5aILMCfmAUjzX6xQtpj/Yz6XVSvmHaZ9uvCnWF1WXmp7amF:E5aIwC+Agr6St1lOqIucI1WAX

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks