Overview

overview

10

Static

static

3

3e1a4f5a28...cs.exe

windows7-x64

10

3e1a4f5a28...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e1a4f5a28fb96d9596bca92ef13ca90_NeikiAnalytics.exe

  • Size

    1014KB

  • Sample

    240528-lvs4nsff92

  • MD5

    3e1a4f5a28fb96d9596bca92ef13ca90

  • SHA1

    ba5867e39835636174d6a129de8b48b0b2b17131

  • SHA256

    2f68f2ba07209c11769f12258949c6622b89c8188c2767b1e781e9ede461cd65

  • SHA512

    756265471b7ff97cbffaac0a2e32c67b9b22412c58e427723a7c9c3d202bc5b957593794b2735fac73c9afb64ab90bd9ee5808a833929c00e78d44761fe18266

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmwO:E5aIwC+AUBsWsXHO

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      3e1a4f5a28fb96d9596bca92ef13ca90_NeikiAnalytics.exe

    • Size

      1014KB

    • MD5

      3e1a4f5a28fb96d9596bca92ef13ca90

    • SHA1

      ba5867e39835636174d6a129de8b48b0b2b17131

    • SHA256

      2f68f2ba07209c11769f12258949c6622b89c8188c2767b1e781e9ede461cd65

    • SHA512

      756265471b7ff97cbffaac0a2e32c67b9b22412c58e427723a7c9c3d202bc5b957593794b2735fac73c9afb64ab90bd9ee5808a833929c00e78d44761fe18266

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmwO:E5aIwC+AUBsWsXHO

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks