Overview

overview

10

Static

static

3

9ad25bf41c...18.exe

windows7-x64

10

9ad25bf41c...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-06-2024 13:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ad25bf41c28b3f37da6e2dc3232693a_JaffaCakes118.exe

  • Size

    448KB

  • MD5

    9ad25bf41c28b3f37da6e2dc3232693a

  • SHA1

    a33f27bd351549f312b6ce8ae0618497e5407899

  • SHA256

    0902dbefa33a7880a8b9cd542431520fed9c030a5774472a6c0f21ba31cf3ba1

  • SHA512

    19b57f8099f7a2ce6c73800b2a5eb93745bcfc1f63e46e7c6c68944c40fb052d1725549ce8877e4fba4e78cfca537a6541af8b30d1e5c0bc04b64b8933052aa8

  • SSDEEP

    12288:QboBb/W9ANGBAFb5i0P6HfewKQLYg0yCx:4xBAiAHwfz

Score
10/10
trickbotbankerdavetrojan

Malware Config

Signatures

  • Trickbot

    Developed in 2016, TrickBot is one of the more recent banking Trojans.

    trojanbankertrickbot
  • Dave packer 2 IoCs

    Detects executable using a packer named 'Dave' by the community, based on a string at the end.

    dave
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9ad25bf41c28b3f37da6e2dc3232693a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\9ad25bf41c28b3f37da6e2dc3232693a_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3220-3-0x0000000002640000-0x0000000002672000-memory.dmp

    Filesize

    200KB

    Download

  • memory/3220-9-0x00000000027B0000-0x00000000027DF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3220-8-0x0000000002610000-0x0000000002640000-memory.dmp

    Filesize

    192KB

    Download

  • memory/3220-10-0x0000000002780000-0x00000000027AE000-memory.dmp

    Filesize

    184KB

    Download

  • memory/3220-7-0x00000000027B0000-0x00000000027DF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3220-93-0x00000000027B0000-0x00000000027DF000-memory.dmp

    Filesize

    188KB

    Download