Overview

overview

10

Static

static

3

8272d5c376...cs.exe

windows7-x64

10

8272d5c376...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8272d5c376211fd7d7d68cf4e8fc9310_NeikiAnalytics.exe

  • Size

    1.0MB

  • Sample

    240517-cec8vacc5s

  • MD5

    8272d5c376211fd7d7d68cf4e8fc9310

  • SHA1

    5d1ff9f0caf5708b6a9e3662dcffec4761b3e35b

  • SHA256

    811993985b6a8f37b5e9474abc029c2c8880d057fa83a8aab0a89a9a27bccc8e

  • SHA512

    d3cd3ebd2b637dbdd7a54411c9be5a8e0195e1261ac51857ebaeb463113336944ac59642ae4d54691ed16fa1516efc46583d7e592c7a9721d49a82630e8582e1

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpTQXUk:E5aIwC+AUBsWsXCUk

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      8272d5c376211fd7d7d68cf4e8fc9310_NeikiAnalytics.exe

    • Size

      1.0MB

    • MD5

      8272d5c376211fd7d7d68cf4e8fc9310

    • SHA1

      5d1ff9f0caf5708b6a9e3662dcffec4761b3e35b

    • SHA256

      811993985b6a8f37b5e9474abc029c2c8880d057fa83a8aab0a89a9a27bccc8e

    • SHA512

      d3cd3ebd2b637dbdd7a54411c9be5a8e0195e1261ac51857ebaeb463113336944ac59642ae4d54691ed16fa1516efc46583d7e592c7a9721d49a82630e8582e1

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpTQXUk:E5aIwC+AUBsWsXCUk

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks