trickbot | 136b345a239295acc0329ae85463e0b249ee43f2409efef6b003dd31a10b40d6 | Triage

Submit
Reports

Overview

overview

Static

static

1

15810fb5f1...18.vbs

windows7-x64

15810fb5f1...18.vbs

windows10-2004-x64

Sharing

General

Target

15810fb5f100a3a2d21e4c2288dc1a88_JaffaCakes118
Size

636KB
Sample

240505-clh3nsef49
MD5

15810fb5f100a3a2d21e4c2288dc1a88
SHA1

834308004280f11a459f764d9e2339c34dc5d7f1
SHA256

136b345a239295acc0329ae85463e0b249ee43f2409efef6b003dd31a10b40d6
SHA512

431b31281a4b3d99fe2f9a0900a66b5eb9fc7deeae3394501fbc46ecd8d249415014f524f255a629d1f8ee3776d0b3cc8ff76d07beb7ec9c7c33632196ecaf87
SSDEEP

6144:VdRRukv5qBwnX4kRdhogrMkgS1SuxRvT3b3KBaEt47A24/HGiovG:ikcpkHhR9Yu93O2An/H4G

Score

10^/10

trickbot banker packer trojan

Static task

static1

Behavioral task

behavioral1

Sample

15810fb5f100a3a2d21e4c2288dc1a88_JaffaCakes118.vbs

Resource

win7-20240221-en

trickbot banker packer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

15810fb5f100a3a2d21e4c2288dc1a88_JaffaCakes118.vbs

Resource

win10v2004-20240419-en

trickbot banker packer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  15810fb5f100a3a2d21e4c2288dc1a88_JaffaCakes118
- Size
  
  636KB
- MD5
  
  15810fb5f100a3a2d21e4c2288dc1a88
- SHA1
  
  834308004280f11a459f764d9e2339c34dc5d7f1
- SHA256
  
  136b345a239295acc0329ae85463e0b249ee43f2409efef6b003dd31a10b40d6
- SHA512
  
  431b31281a4b3d99fe2f9a0900a66b5eb9fc7deeae3394501fbc46ecd8d249415014f524f255a629d1f8ee3776d0b3cc8ff76d07beb7ec9c7c33632196ecaf87
- SSDEEP
  
  6144:VdRRukv5qBwnX4kRdhogrMkgS1SuxRvT3b3KBaEt47A24/HGiovG:ikcpkHhR9Yu93O2An/H4G
Score

10^/10

trickbot banker packer trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
  packer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

trickbotbankerpackertrojan

behavioral2

trickbotbankerpackertrojan

© 2018-2024

Terms | Privacy