General
-
Target
67f62a109aec23c9defd624deaf058fa14ea68f803abcc77fe3061ffc4a79228
-
Size
934KB
-
Sample
240517-xjbwssdf32
-
MD5
1798d5236e812c8ddfec2f7905789ea0
-
SHA1
11b9c9cab78180c7e899d19201d6d69f09d00e77
-
SHA256
67f62a109aec23c9defd624deaf058fa14ea68f803abcc77fe3061ffc4a79228
-
SHA512
80ec67fd892b05d9cab867f4566cc119e5ab55c58af153341b70e97535b9fffa43c7ab123636a58e00a15223c0524dbfca62cc195255ac035095a02d436d3b90
-
SSDEEP
12288:zJB0lh5aILwtFPCfmAUtFC6NXbv+GEiLFxXkxjVpdjwjDUcHMVcQioPzFbfmT2+X:zQ5aILMCfmAUjzX6gfU1pjwjbsmQdmTv
Malware Config
Targets
-
-
Target
67f62a109aec23c9defd624deaf058fa14ea68f803abcc77fe3061ffc4a79228
-
Size
934KB
-
MD5
1798d5236e812c8ddfec2f7905789ea0
-
SHA1
11b9c9cab78180c7e899d19201d6d69f09d00e77
-
SHA256
67f62a109aec23c9defd624deaf058fa14ea68f803abcc77fe3061ffc4a79228
-
SHA512
80ec67fd892b05d9cab867f4566cc119e5ab55c58af153341b70e97535b9fffa43c7ab123636a58e00a15223c0524dbfca62cc195255ac035095a02d436d3b90
-
SSDEEP
12288:zJB0lh5aILwtFPCfmAUtFC6NXbv+GEiLFxXkxjVpdjwjDUcHMVcQioPzFbfmT2+X:zQ5aILMCfmAUjzX6gfU1pjwjbsmQdmTv
Score10/10-
KPOT
KPOT is an information stealer that steals user data and account credentials.
-
KPOT Core Executable
-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Stops running service(s)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-