Overview

overview

10

Static

static

3

c81c150335...cs.exe

windows7-x64

10

c81c150335...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c81c15033546ec1d3bcd1f953a59db20_NeikiAnalytics.exe

  • Size

    1.0MB

  • Sample

    240518-p6m9cace2y

  • MD5

    c81c15033546ec1d3bcd1f953a59db20

  • SHA1

    6dd304ba63d818783d0acbe476cb7beb4691b04f

  • SHA256

    0c16051cf1ac9077bd9e810b95acb6493244e1fc0cd0944b1ba5845ec45fb90b

  • SHA512

    9bec75f568311c99cd8ef4cd318b2a70f6bd39cd3e918c80d0970c7cdb016796372291907b4937db9844892793340696144a0267105cafd74513acfea9c51b8b

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt:E5aIwC+AUBsWsXZ

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      c81c15033546ec1d3bcd1f953a59db20_NeikiAnalytics.exe

    • Size

      1.0MB

    • MD5

      c81c15033546ec1d3bcd1f953a59db20

    • SHA1

      6dd304ba63d818783d0acbe476cb7beb4691b04f

    • SHA256

      0c16051cf1ac9077bd9e810b95acb6493244e1fc0cd0944b1ba5845ec45fb90b

    • SHA512

      9bec75f568311c99cd8ef4cd318b2a70f6bd39cd3e918c80d0970c7cdb016796372291907b4937db9844892793340696144a0267105cafd74513acfea9c51b8b

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt:E5aIwC+AUBsWsXZ

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks