trickbot | f2e3ffc81a10e1c4fa279fc19778546514b51a8c33a4864f93b2da1f69110594 | Triage

Sharing

General

Target

79f76635bda045f2ca1330d5362394cd_JaffaCakes118
Size

680KB
Sample

240527-wbmgwsca5v
MD5

79f76635bda045f2ca1330d5362394cd
SHA1

8f4bf8a6912adb10030afb6bda947af4e998b9dc
SHA256

f2e3ffc81a10e1c4fa279fc19778546514b51a8c33a4864f93b2da1f69110594
SHA512

1e0cfbfb656f4cadd42ea2bd08aec56e04a6b4cec01a387ea3d074b2358cf0b202385804f8bb4861e37e7e32ae4d8a9e0039ed9a53a2c4d9f39e505e371c1803
SSDEEP

12288:n5ba2SroKa5pwYM30A25cyDbXHELnUimJX+kdagdThKk/A6Mq:lSfaM30A25Amn/VUjq

Score

10^/10

trickbot banker trojan

Malware Config

Targets

- Target
  
  79f76635bda045f2ca1330d5362394cd_JaffaCakes118
- Size
  
  680KB
- MD5
  
  79f76635bda045f2ca1330d5362394cd
- SHA1
  
  8f4bf8a6912adb10030afb6bda947af4e998b9dc
- SHA256
  
  f2e3ffc81a10e1c4fa279fc19778546514b51a8c33a4864f93b2da1f69110594
- SHA512
  
  1e0cfbfb656f4cadd42ea2bd08aec56e04a6b4cec01a387ea3d074b2358cf0b202385804f8bb4861e37e7e32ae4d8a9e0039ed9a53a2c4d9f39e505e371c1803
- SSDEEP
  
  12288:n5ba2SroKa5pwYM30A25cyDbXHELnUimJX+kdagdThKk/A6Mq:lSfaM30A25Amn/VUjq
Score

10^/10

trickbot banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trickbotbankertrojan

behavioral2

trickbotbankertrojan