Overview

overview

10

Static

static

3

a4ebfe9aa6...cs.exe

windows7-x64

10

a4ebfe9aa6...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4ebfe9aa6a2012b29e5cd2acee67bd0_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240524-evywlach4y

  • MD5

    a4ebfe9aa6a2012b29e5cd2acee67bd0

  • SHA1

    1025b663e13c8d8e0f8b41a070c0cfbceb779d03

  • SHA256

    c9e4e1d05f05ecf088f37769b6c7b04b4d5f13f0f27755e2e7b1d192b153b978

  • SHA512

    77907c6cfee08d021244eb6e9086b85212d0624354c7f231703e2fbe49a59590b3e77dd134900b059bc018d37474c914d2f930e39432ab87025d2e7659a05673

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt7le:E5aIwC+AUBsWsXZY

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      a4ebfe9aa6a2012b29e5cd2acee67bd0_NeikiAnalytics.exe

    • Size

      1.1MB

    • MD5

      a4ebfe9aa6a2012b29e5cd2acee67bd0

    • SHA1

      1025b663e13c8d8e0f8b41a070c0cfbceb779d03

    • SHA256

      c9e4e1d05f05ecf088f37769b6c7b04b4d5f13f0f27755e2e7b1d192b153b978

    • SHA512

      77907c6cfee08d021244eb6e9086b85212d0624354c7f231703e2fbe49a59590b3e77dd134900b059bc018d37474c914d2f930e39432ab87025d2e7659a05673

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt7le:E5aIwC+AUBsWsXZY

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks