General
-
Target
21237b83e39b56108b33fa9208e20bd0N.exe
-
Size
1.1MB
-
Sample
240723-3nbpgsvgkk
-
MD5
21237b83e39b56108b33fa9208e20bd0
-
SHA1
2da6620e429aaa64ae28c97e07411ad331dea04c
-
SHA256
dc45d3955a7ee5a57d9324bbadabd18a9163a77a558537eeb04ada72d6e1cd29
-
SHA512
24fef9944ee6813f744d6076eec1f91bef1540f0f9af4bd1b31cc352866a590ed864fb1b17ae8cef921d0f3563314bc4d81fa0ab5ddba164b6283298cfcaa770
-
SSDEEP
24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC2SNh:E5aIwC+Agr6SNasrsFCi
Malware Config
Targets
-
-
Target
21237b83e39b56108b33fa9208e20bd0N.exe
-
Size
1.1MB
-
MD5
21237b83e39b56108b33fa9208e20bd0
-
SHA1
2da6620e429aaa64ae28c97e07411ad331dea04c
-
SHA256
dc45d3955a7ee5a57d9324bbadabd18a9163a77a558537eeb04ada72d6e1cd29
-
SHA512
24fef9944ee6813f744d6076eec1f91bef1540f0f9af4bd1b31cc352866a590ed864fb1b17ae8cef921d0f3563314bc4d81fa0ab5ddba164b6283298cfcaa770
-
SSDEEP
24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC2SNh:E5aIwC+Agr6SNasrsFCi
Score10/10-
KPOT
KPOT is an information stealer that steals user data and account credentials.
-
KPOT Core Executable
-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Stops running service(s)
-
Executes dropped EXE
-
Loads dropped DLL
-
Command and Scripting Interpreter: PowerShell
Using powershell.exe command.
-
Drops file in System32 directory
-