trickbot | 4624c37234303e6ac930b65635ee898482a178ce5923b8aeec90bb94dd30efe4 | Triage

Submit
Reports

Overview

overview

Static

static

3

6903fcf0eb...18.exe

windows7-x64

6903fcf0eb...18.exe

windows10-2004-x64

Sharing

General

Target

6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118
Size

350KB
Sample

240522-3k54xsdd56
MD5

6903fcf0eb78bf63a98edb89b87d9c4b
SHA1

e3d85a2b05c04b7d7c0f046f1a513848f7054ef7
SHA256

4624c37234303e6ac930b65635ee898482a178ce5923b8aeec90bb94dd30efe4
SHA512

b5e748c9c9f5e0092de71cbdad9687ea7ca4cf5756902afa6839ba7392e957d32fa678013bef1d96801a2b59556158b4aa7fb600f26fbd73d6f14e81dfb6f409
SSDEEP

6144:+mZNUq21p5TPNQELDYd1aW8n0kpJfY28rmUA6lSQUzt5LXp/keqj:+uEzN7M/N8LpJfY28iT5

Score

10^/10

trickbot banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118.exe

Resource

win7-20240221-en

trickbot banker trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

trickbot banker trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118
- Size
  
  350KB
- MD5
  
  6903fcf0eb78bf63a98edb89b87d9c4b
- SHA1
  
  e3d85a2b05c04b7d7c0f046f1a513848f7054ef7
- SHA256
  
  4624c37234303e6ac930b65635ee898482a178ce5923b8aeec90bb94dd30efe4
- SHA512
  
  b5e748c9c9f5e0092de71cbdad9687ea7ca4cf5756902afa6839ba7392e957d32fa678013bef1d96801a2b59556158b4aa7fb600f26fbd73d6f14e81dfb6f409
- SSDEEP
  
  6144:+mZNUq21p5TPNQELDYd1aW8n0kpJfY28rmUA6lSQUzt5LXp/keqj:+uEzN7M/N8LpJfY28iT5
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy