Overview

overview

10

Static

static

3

65904a20e9...cs.exe

windows7-x64

10

65904a20e9...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    65904a20e9ce0a62fe0c4ab0a851a820_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240530-fnyspage86

  • MD5

    65904a20e9ce0a62fe0c4ab0a851a820

  • SHA1

    f5f9ae755693bc082aac4da156fa17bbd98e34d7

  • SHA256

    97e62575d0c00d00e144bee723a85a9676fd7ac501fabe5113789e5cc39bab2b

  • SHA512

    7c6f05538bb60882d04e2c8e98419c5984eace640b7e4f9e98f3d59c6d30957c4d21cce6e23cd3602b1c5a8a43ee38d4db611011c3c20c30582f2a7e61760f8d

  • SSDEEP

    24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt7wb:E5aIwC+AUBsWsXZEb

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      65904a20e9ce0a62fe0c4ab0a851a820_NeikiAnalytics.exe

    • Size

      1.1MB

    • MD5

      65904a20e9ce0a62fe0c4ab0a851a820

    • SHA1

      f5f9ae755693bc082aac4da156fa17bbd98e34d7

    • SHA256

      97e62575d0c00d00e144bee723a85a9676fd7ac501fabe5113789e5cc39bab2b

    • SHA512

      7c6f05538bb60882d04e2c8e98419c5984eace640b7e4f9e98f3d59c6d30957c4d21cce6e23cd3602b1c5a8a43ee38d4db611011c3c20c30582f2a7e61760f8d

    • SSDEEP

      24576:zQ5aILMCfmAUhrSO1YNWdvCzMPqdUD6dNXfpt7wb:E5aIwC+AUBsWsXZEb

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks