General

  • Target

    6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118

  • Size

    350KB

  • Sample

    240522-3k54xsdd56

  • MD5

    6903fcf0eb78bf63a98edb89b87d9c4b

  • SHA1

    e3d85a2b05c04b7d7c0f046f1a513848f7054ef7

  • SHA256

    4624c37234303e6ac930b65635ee898482a178ce5923b8aeec90bb94dd30efe4

  • SHA512

    b5e748c9c9f5e0092de71cbdad9687ea7ca4cf5756902afa6839ba7392e957d32fa678013bef1d96801a2b59556158b4aa7fb600f26fbd73d6f14e81dfb6f409

  • SSDEEP

    6144:+mZNUq21p5TPNQELDYd1aW8n0kpJfY28rmUA6lSQUzt5LXp/keqj:+uEzN7M/N8LpJfY28iT5

Score
10/10

Malware Config

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2
