General

  • Target

    07a93d1b791f806cb9a2a24251e7f410.exe

  • Size

    1.2MB

  • Sample

    240705-z6fvdawcpq

  • MD5

    07a93d1b791f806cb9a2a24251e7f410

  • SHA1

    9fe049e30a34792d8fab0d2d3b72ae736fb84ee7

  • SHA256

    9933b6a09784801f5015300af6a49b0092513c41fec22cc76d51f031af0813c0

  • SHA512

    6f009fa1f008a83f109646594e80d265a17fbfc3060e18af2257b20ede2dc5c585ef28a16c9ccea91db6aed1bdc8aad38ee4adc18207c596431bd1d9a8362d89

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZOx:E5aIwC+Agr6StYCfx

Malware Config

Targets

    • Target

      07a93d1b791f806cb9a2a24251e7f410.exe

    • Size

      1.2MB

    • MD5

      07a93d1b791f806cb9a2a24251e7f410

    • SHA1

      9fe049e30a34792d8fab0d2d3b72ae736fb84ee7

    • SHA256

      9933b6a09784801f5015300af6a49b0092513c41fec22cc76d51f031af0813c0

    • SHA512

      6f009fa1f008a83f109646594e80d265a17fbfc3060e18af2257b20ede2dc5c585ef28a16c9ccea91db6aed1bdc8aad38ee4adc18207c596431bd1d9a8362d89

    • SSDEEP

      24576:zQ5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZOx:E5aIwC+Agr6StYCfx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks