Overview

overview

10

Static

static

3

1a4619133e...cs.exe

windows7-x64

10

1a4619133e...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a4619133e95207c436a94f73a21ba90_NeikiAnalytics.exe

  • Size

    1.0MB

  • Sample

    240517-xn4glsdh64

  • MD5

    1a4619133e95207c436a94f73a21ba90

  • SHA1

    6f0858438ccef86b85f2b46bf5e0a0f31abd9311

  • SHA256

    55ec3f1745b4056631b125bb050f4dd0ef6a1ee5baba729442119031c2d37d0c

  • SHA512

    ffbb523b5fdc8d514becb3815d3c5190446823b348362b51f24472a53b5e4cd86d2b92ed04d9e1df53a84de856f662583c1fd32e9c52c53c7b92245de9d771a9

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpa6T:E5aIwC+AUBsWsXr

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      1a4619133e95207c436a94f73a21ba90_NeikiAnalytics.exe

    • Size

      1.0MB

    • MD5

      1a4619133e95207c436a94f73a21ba90

    • SHA1

      6f0858438ccef86b85f2b46bf5e0a0f31abd9311

    • SHA256

      55ec3f1745b4056631b125bb050f4dd0ef6a1ee5baba729442119031c2d37d0c

    • SHA512

      ffbb523b5fdc8d514becb3815d3c5190446823b348362b51f24472a53b5e4cd86d2b92ed04d9e1df53a84de856f662583c1fd32e9c52c53c7b92245de9d771a9

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpa6T:E5aIwC+AUBsWsXr

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks