General

  • Target

    73f9f9abdac6a5cfb9980ea4b86ecdd9_JaffaCakes118

  • Size

    364KB

  • Sample

    240526-cbwk1saf9w

  • MD5

    73f9f9abdac6a5cfb9980ea4b86ecdd9

  • SHA1

    f0bd593cd9bc23f0efeeaf3b9a8f1119727ecb63

  • SHA256

    2472b7a1048087c623281509f68ca2201c7578251fba30e0f88c86cc1225c00d

  • SHA512

    22424f9f5e2200e9a6e089c3727c8916daf1ae5b100aacc217bfa391c58d2c51674826e4c29b2001eb5dc1ab6dfcb78fc71914fa13a7ba0855193695aa40bee0

  • SSDEEP

    6144:oKhVeSawYl7YCjs81NxlFHnIGY3wvsxWxS55ViQaKGWK8/zSiOQJPsp+6phcs:ph0SxussNxlFHn5Y+M5WmG782lwShcs

Score
10/10

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
