Overview

overview

10

Static

static

3

426fb7b515...3c.exe

windows7-x64

10

426fb7b515...3c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    426fb7b515cef8db65ef38980d8cc0b01fc12084f0bd7a33e4290e9fb1ed043c

  • Size

    1.0MB

  • Sample

    240526-zwqxlaca6v

  • MD5

    2cc9e1d0e03ca6a0998f1361282ae394

  • SHA1

    e690dfceb4da060def5ff7f28d10c6652a1766e3

  • SHA256

    426fb7b515cef8db65ef38980d8cc0b01fc12084f0bd7a33e4290e9fb1ed043c

  • SHA512

    511fe4f163ac85f7c6fa4c8009c545313bdaf9519d7aabf12b805a9de0de40f13fbda760ab49f1daf0746d6e41592bbdf0388dca5a8e2437b71e5b7e2bd2715e

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmwi+j0:E5aIwC+AUBsWsXHLw

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      426fb7b515cef8db65ef38980d8cc0b01fc12084f0bd7a33e4290e9fb1ed043c

    • Size

      1.0MB

    • MD5

      2cc9e1d0e03ca6a0998f1361282ae394

    • SHA1

      e690dfceb4da060def5ff7f28d10c6652a1766e3

    • SHA256

      426fb7b515cef8db65ef38980d8cc0b01fc12084f0bd7a33e4290e9fb1ed043c

    • SHA512

      511fe4f163ac85f7c6fa4c8009c545313bdaf9519d7aabf12b805a9de0de40f13fbda760ab49f1daf0746d6e41592bbdf0388dca5a8e2437b71e5b7e2bd2715e

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmwi+j0:E5aIwC+AUBsWsXHLw

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks