Overview

overview

10

Static

static

3

3e239f021c...cs.exe

windows7-x64

10

3e239f021c...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e239f021cab6853f242e75969d06c70_NeikiAnalytics

  • Size

    1.0MB

  • Sample

    240516-sb456ahh4w

  • MD5

    3e239f021cab6853f242e75969d06c70

  • SHA1

    17074b80e9a717889b970ca3bb22dadb88afce33

  • SHA256

    4a03235d1221f8e5c6840ba5950c05673720d2a64293862608cbbb64e707992d

  • SHA512

    d05c32c2760e8476566901349381bfb75dfa7f19df9b5eb33909cda2768a492515fef8433f5533f74e6bc702afd7f327ffcd068af5dd0a538972f4ccc166a4a8

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpE:E5aIwC+AUBsWsXI

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      3e239f021cab6853f242e75969d06c70_NeikiAnalytics

    • Size

      1.0MB

    • MD5

      3e239f021cab6853f242e75969d06c70

    • SHA1

      17074b80e9a717889b970ca3bb22dadb88afce33

    • SHA256

      4a03235d1221f8e5c6840ba5950c05673720d2a64293862608cbbb64e707992d

    • SHA512

      d05c32c2760e8476566901349381bfb75dfa7f19df9b5eb33909cda2768a492515fef8433f5533f74e6bc702afd7f327ffcd068af5dd0a538972f4ccc166a4a8

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpE:E5aIwC+AUBsWsXI

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks