General

  • Target

    75eff78616e93772a36c8936f3ff38339545618bc4c93dd2644718481c09cdc8

  • Size

    1.2MB

  • Sample

    240507-2m5qhaeg74

  • MD5

    48f6dbb8b5290fb594f8e026fe33e44a

  • SHA1

    b6fe101495fe998f49993069bd9a4d413d01f8cd

  • SHA256

    75eff78616e93772a36c8936f3ff38339545618bc4c93dd2644718481c09cdc8

  • SHA512

    94fde7134040901439266f32baa05c1c80bc4bef0d8e0364ff620b838b52768574071fa20db5b51c5adfd82fb2b4feaf7d7968b1f2136f409846b6c5d38967eb

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6gfU1pjwjbsXhmvZssrD+nRgnf4NvlOSA:E5aIwC+Agr6g81p1vsrNiA

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
