Overview

overview

10

Static

static

10

32f75ff62b...AS.exe

windows7-x64

10

32f75ff62b...AS.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32f75ff62b7b3b61511d05a4cff972b0_NEAS

  • Size

    1.2MB

  • Sample

    240506-3n5bssgf5x

  • MD5

    32f75ff62b7b3b61511d05a4cff972b0

  • SHA1

    6622cec40fa950c7875971257594122d436838ac

  • SHA256

    230c75bc525b6ee25ca17be2d1630b361983f1a10e15b33f782ca3cfb983df38

  • SHA512

    90fcbd11aabd987cec243355ba2d99bb228be844f8fda8d3088aac89d781ec28ab4ecf215ee26644120453ba9a24c4caea6300118a9cb453d8403ea51e3fc896

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQGCZLFdGm1Sdr36OTcgapChI/W:E5aIwC+Agr6S/FEVN

Score
10/10
kpottrickbotbankerevasionexecutionstealertrojan

Malware Config

Targets

    • Target

      32f75ff62b7b3b61511d05a4cff972b0_NEAS

    • Size

      1.2MB

    • MD5

      32f75ff62b7b3b61511d05a4cff972b0

    • SHA1

      6622cec40fa950c7875971257594122d436838ac

    • SHA256

      230c75bc525b6ee25ca17be2d1630b361983f1a10e15b33f782ca3cfb983df38

    • SHA512

      90fcbd11aabd987cec243355ba2d99bb228be844f8fda8d3088aac89d781ec28ab4ecf215ee26644120453ba9a24c4caea6300118a9cb453d8403ea51e3fc896

    • SSDEEP

      24576:zQ5aILMCfmAUjzX6xQGCZLFdGm1Sdr36OTcgapChI/W:E5aIwC+Agr6S/FEVN

    Score
    10/10
    kpottrickbotbankerevasionexecutionstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks