trickbot | 92d6fb844eb4d22887fd0e39b1b2bd30f5ad2ea9182e5a70bcc7148f18b1f006 | Triage

Submit
Reports

Overview

overview

Static

static

3

6e316bb921...18.exe

windows7-x64

6e316bb921...18.exe

windows10-2004-x64

Sharing

General

Target

6e316bb9211c463ba0b505b22cdba956_JaffaCakes118
Size

450KB
Sample

240524-mgyyfadg44
MD5

6e316bb9211c463ba0b505b22cdba956
SHA1

22f41a78522a36b1ea1f57151d425bdc4d0ffe53
SHA256

92d6fb844eb4d22887fd0e39b1b2bd30f5ad2ea9182e5a70bcc7148f18b1f006
SHA512

47e515b953113b492fed8e135a86262e514175bdff198950c70569030e7ee3988de527f4f5422548da92d63a12adf59fb1551e332a6ce1219b83fe6e44d4b8d3
SSDEEP

12288:BbpgK8MYxToZCZvAJwQ6hIlAYxaxUr6lK4i0Z4RLI:ZpgK89WXEUaxUsas

Score

10^/10

trickbot banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6e316bb9211c463ba0b505b22cdba956_JaffaCakes118.exe

Resource

win7-20240508-en

trickbot banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e316bb9211c463ba0b505b22cdba956_JaffaCakes118.exe

Resource

win10v2004-20240508-en

trickbot banker trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6e316bb9211c463ba0b505b22cdba956_JaffaCakes118
- Size
  
  450KB
- MD5
  
  6e316bb9211c463ba0b505b22cdba956
- SHA1
  
  22f41a78522a36b1ea1f57151d425bdc4d0ffe53
- SHA256
  
  92d6fb844eb4d22887fd0e39b1b2bd30f5ad2ea9182e5a70bcc7148f18b1f006
- SHA512
  
  47e515b953113b492fed8e135a86262e514175bdff198950c70569030e7ee3988de527f4f5422548da92d63a12adf59fb1551e332a6ce1219b83fe6e44d4b8d3
- SSDEEP
  
  12288:BbpgK8MYxToZCZvAJwQ6hIlAYxaxUr6lK4i0Z4RLI:ZpgK89WXEUaxUsas
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan

© 2018-2024

Terms | Privacy