Overview

overview

10

Static

static

3

2da1d4cc6c...18.exe

windows7-x64

10

2da1d4cc6c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2da1d4cc6c7a815a9b644475060c8c85_JaffaCakes118

  • Size

    314KB

  • Sample

    240708-yqhtcsycrg

  • MD5

    2da1d4cc6c7a815a9b644475060c8c85

  • SHA1

    305864b19b3bacea25243bac415264b401e34d6b

  • SHA256

    0f466eebf214bea517664f3fb34099deb9f12f7910c0d962d7d6957c8ca09362

  • SHA512

    f9f47ac6a4abe7ab2cb91d0f4e6f20b4dc7c28b83df588010191adb30031865e41cc0fff8f98c4226085b0bd9c2e1375bfa5f1e4c58868b3b9380aeaba198ed2

  • SSDEEP

    6144:Pu1TYYRYx0SxYYq1eIk/M9W9MlBkwaUVAv4zDKGvfYYwXe:QYYXSqC/Mw9MjxAvQXYZXe

Score
10/10
trickbotbankerevasionexecutiontrojan

Malware Config

Targets

    • Target

      2da1d4cc6c7a815a9b644475060c8c85_JaffaCakes118

    • Size

      314KB

    • MD5

      2da1d4cc6c7a815a9b644475060c8c85

    • SHA1

      305864b19b3bacea25243bac415264b401e34d6b

    • SHA256

      0f466eebf214bea517664f3fb34099deb9f12f7910c0d962d7d6957c8ca09362

    • SHA512

      f9f47ac6a4abe7ab2cb91d0f4e6f20b4dc7c28b83df588010191adb30031865e41cc0fff8f98c4226085b0bd9c2e1375bfa5f1e4c58868b3b9380aeaba198ed2

    • SSDEEP

      6144:Pu1TYYRYx0SxYYq1eIk/M9W9MlBkwaUVAv4zDKGvfYYwXe:QYYXSqC/Mw9MjxAvQXYZXe

    Score
    10/10
    trickbotbankerevasionexecutiontrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks