Overview

overview

10

Static

static

3

b6b746b453...18.exe

windows7-x64

10

b6b746b453...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b6b746b4538dba9e3016b7afe6707341_JaffaCakes118

  • Size

    409KB

  • Sample

    240617-ew3aeatfkg

  • MD5

    b6b746b4538dba9e3016b7afe6707341

  • SHA1

    6dd445a26c6b120d5473bf7502a4a2cc105fa9b1

  • SHA256

    b2c0ff066088af142c374caea22757f021b810043761b3ec969cf57178ec5f0d

  • SHA512

    b65c43d27942ebac6f44eb80d2d335bbf52f5ae64e0487a433438aa81f616aef61a2e420339e6add983bdfa3e3986f2b0d9e6a63e7ddcf786e303f712af7a9fc

  • SSDEEP

    6144:lN4y/IlOJtP9lIzXqr+D6bRXDLEs6bE0s8JOHs0Q+aPR:lS8IYJtP9KzXqrW6FXDLEsj0jOYFR

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      b6b746b4538dba9e3016b7afe6707341_JaffaCakes118

    • Size

      409KB

    • MD5

      b6b746b4538dba9e3016b7afe6707341

    • SHA1

      6dd445a26c6b120d5473bf7502a4a2cc105fa9b1

    • SHA256

      b2c0ff066088af142c374caea22757f021b810043761b3ec969cf57178ec5f0d

    • SHA512

      b65c43d27942ebac6f44eb80d2d335bbf52f5ae64e0487a433438aa81f616aef61a2e420339e6add983bdfa3e3986f2b0d9e6a63e7ddcf786e303f712af7a9fc

    • SSDEEP

      6144:lN4y/IlOJtP9lIzXqr+D6bRXDLEs6bE0s8JOHs0Q+aPR:lS8IYJtP9KzXqrW6FXDLEsj0jOYFR

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks