General

  • Target

    8061cb1704f18210e601363c26c89fca_JaffaCakes118

  • Size

    732KB

  • Sample

    240529-l8w3gsbb5y

  • MD5

    8061cb1704f18210e601363c26c89fca

  • SHA1

    6890087f361bb5eafb92b1574d8d1b907d3de1bf

  • SHA256

    6c46836c3f5b304f13e57ed77ee9e3fc0361b040339b3dc23acc7730f490ab07

  • SHA512

    950a4798bf94f2256aa37ec6f6bd0ad40bbc6300b46cc1bad81838d849d5fc6258a6e35ae277d91355c01beae6f32079d5cdf2ff10e054b253ff44a8a0eebe31

  • SSDEEP

    12288:u1JJsh+EOWm1M5rv+itJE6yqr5PS6i0ZkUvBp:ZyWkMDfrcCZkUvX

Targets

    • Target

      8061cb1704f18210e601363c26c89fca_JaffaCakes118

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Dave packer

      Detects an executable using a packer the community calls 'Dave', based on a string at the end.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
