General

  • Target

    5e0458fdef398f8bfc20bb42742d33db30a67e2da4180511f4dc27c69f8fbedc

  • Size

    1.0MB

  • Sample

    240502-2caglsab65

  • MD5

    89aebd087e215625a9a8ef611af8b115

  • SHA1

    6bf4655bb38e4902a4b401fcd8db88cffcfffbcb

  • SHA256

    5e0458fdef398f8bfc20bb42742d33db30a67e2da4180511f4dc27c69f8fbedc

  • SHA512

    addbafb7c0b816c823472f9234ac1761ad17fdf7c04552b7e609db5925092babfc9e35e41ff88becbf7115dda748bc9594b17b28011b7549a9336c521af474de

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUkhmZ9skQ6:E5aIwC+Agr6SNbf

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
