Overview

overview

10

Static

static

10

ae0a639419...cs.exe

windows7-x64

10

ae0a639419...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ae0a6394198415894a97250e54a44d10_NeikiAnalytics

  • Size

    1.0MB

  • Sample

    240509-wal5qshd73

  • MD5

    ae0a6394198415894a97250e54a44d10

  • SHA1

    4f4e55be7ba6d93289e67662aeeaeaf91ded9207

  • SHA256

    ce8bf8d639ccd1fd99eabb981e5ba62ab5aee73842acec48f659f7d8e0e8af07

  • SHA512

    13c04ee33c80c05c16ff559fa512ea35371a4bdc656f224fefd66aa81f65ec0389a0141a6b7230cadf0ae6a4bd38ae69235a647eeaed7295cae7c53511799b43

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUkhmZ9sksD:E5aIwC+Agr6SNb2D

Score
10/10
kpottrickbotbankerevasionexecutionstealertrojan

Malware Config

Targets

    • Target

      ae0a6394198415894a97250e54a44d10_NeikiAnalytics

    • Size

      1.0MB

    • MD5

      ae0a6394198415894a97250e54a44d10

    • SHA1

      4f4e55be7ba6d93289e67662aeeaeaf91ded9207

    • SHA256

      ce8bf8d639ccd1fd99eabb981e5ba62ab5aee73842acec48f659f7d8e0e8af07

    • SHA512

      13c04ee33c80c05c16ff559fa512ea35371a4bdc656f224fefd66aa81f65ec0389a0141a6b7230cadf0ae6a4bd38ae69235a647eeaed7295cae7c53511799b43

    • SSDEEP

      24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUkhmZ9sksD:E5aIwC+Agr6SNb2D

    Score
    10/10
    kpottrickbotbankerevasionexecutionstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks