Overview

overview

10

Static

static

3

8d13af3702...18.exe

windows7-x64

10

8d13af3702...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d13af3702d2f0b8598e5c0421f002cb_JaffaCakes118

  • Size

    265KB

  • Sample

    240602-ghz91ach8w

  • MD5

    8d13af3702d2f0b8598e5c0421f002cb

  • SHA1

    c72101f1591b00396bcb8710f35283bdd742e06c

  • SHA256

    7135ddf422b543528dd66f6db047761b01a2d538efa530a8ebfbb3f76fc38ab6

  • SHA512

    16985a30b96f0f5095531b79ef56c95141b0506a7b3c1e49d0a53ae402cfffa7d023212d7fb2ceea1488baf55b90447ca54adb551a98b9f969ffe5c115c314ab

  • SSDEEP

    6144:0sndQKnNVBi47Zl/7PrS6axzQR/iC7sW0jw3c0G:VdQKP97T5FRibxgG

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      8d13af3702d2f0b8598e5c0421f002cb_JaffaCakes118

    • Size

      265KB

    • MD5

      8d13af3702d2f0b8598e5c0421f002cb

    • SHA1

      c72101f1591b00396bcb8710f35283bdd742e06c

    • SHA256

      7135ddf422b543528dd66f6db047761b01a2d538efa530a8ebfbb3f76fc38ab6

    • SHA512

      16985a30b96f0f5095531b79ef56c95141b0506a7b3c1e49d0a53ae402cfffa7d023212d7fb2ceea1488baf55b90447ca54adb551a98b9f969ffe5c115c314ab

    • SSDEEP

      6144:0sndQKnNVBi47Zl/7PrS6axzQR/iC7sW0jw3c0G:VdQKP97T5FRibxgG

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks