General

  • Target

    6d646cc4e2840478711dad63295e2b6c7c4411c22d761e9fa321786ad511a579

  • Size

    1.1MB

  • Sample

    240511-3g4fxsgh52

  • MD5

    9ece3b3514daec13578769d51b678b72

  • SHA1

    e3c584bc02d2a413176baafd5534181d477019ae

  • SHA256

    6d646cc4e2840478711dad63295e2b6c7c4411c22d761e9fa321786ad511a579

  • SHA512

    cd5664c8c4545b8e639272dc5256ed6053e0a755073d3fffcdf9c03db30256622816330ef8424b935c4fb36b90ed4dbe2fc4b293731d8fd6124b000a87aa959c

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUkhmZ9skmbyT:E5aIwC+Agr6SNbN

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
