Overview

overview

10

Static

static

3

821e4ed507...18.exe

windows7-x64

10

821e4ed507...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    821e4ed507878cd2e1b6c7c215da9090_JaffaCakes118

  • Size

    828KB

  • Sample

    240529-14pvyabg8w

  • MD5

    821e4ed507878cd2e1b6c7c215da9090

  • SHA1

    0216f295e6b498dd09376e6de693b5573c17456e

  • SHA256

    3d662fc8007d60de28089087e384fbc44dccdd8b8f8923409df56c0acbc430eb

  • SHA512

    4c836bf11da4ffd0d2fa5e1d0575e592f48ec8fbe489371a648c5b1f0e24d3168ea444af7a6a3b85567cf2d616b9219caa529a53543bbbc4ed33388928f28ce1

  • SSDEEP

    12288:bhrKyYpabW95xnAi90drN/k1kzSXq6Jw+Ri+n:bhPYpab/iSdrNMezSTo+n

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      821e4ed507878cd2e1b6c7c215da9090_JaffaCakes118

    • Size

      828KB

    • MD5

      821e4ed507878cd2e1b6c7c215da9090

    • SHA1

      0216f295e6b498dd09376e6de693b5573c17456e

    • SHA256

      3d662fc8007d60de28089087e384fbc44dccdd8b8f8923409df56c0acbc430eb

    • SHA512

      4c836bf11da4ffd0d2fa5e1d0575e592f48ec8fbe489371a648c5b1f0e24d3168ea444af7a6a3b85567cf2d616b9219caa529a53543bbbc4ed33388928f28ce1

    • SSDEEP

      12288:bhrKyYpabW95xnAi90drN/k1kzSXq6Jw+Ri+n:bhPYpab/iSdrNMezSTo+n

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks