Overview

overview

10

Static

static

3

04a2ffe656...cs.exe

windows7-x64

10

04a2ffe656...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04a2ffe65675cfb56de90f9dc8c6f120_NeikiAnalytics.exe

  • Size

    1.0MB

  • Sample

    240528-znhagsbg5z

  • MD5

    04a2ffe65675cfb56de90f9dc8c6f120

  • SHA1

    feafd82166892da9fde4ddb989cf925a7ed690a9

  • SHA256

    a0c55a6731d0fe1ca9f6a3c787b36e0fc5dc2581be24b7ec7c89e2399fa96552

  • SHA512

    e12e5cfda1927c6483c3b84dc88546efacda6ef17a531aa1fc7fe98012053bc816b01346af5d707e0f80fda9b5996e319cd3758ac9f24e7d402819cdcff0b7c1

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmw2P:E5aIwC+AUBsWsXH2P

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      04a2ffe65675cfb56de90f9dc8c6f120_NeikiAnalytics.exe

    • Size

      1.0MB

    • MD5

      04a2ffe65675cfb56de90f9dc8c6f120

    • SHA1

      feafd82166892da9fde4ddb989cf925a7ed690a9

    • SHA256

      a0c55a6731d0fe1ca9f6a3c787b36e0fc5dc2581be24b7ec7c89e2399fa96552

    • SHA512

      e12e5cfda1927c6483c3b84dc88546efacda6ef17a531aa1fc7fe98012053bc816b01346af5d707e0f80fda9b5996e319cd3758ac9f24e7d402819cdcff0b7c1

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNDmw2P:E5aIwC+AUBsWsXH2P

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks