General

  • Target

    93c9c0083a9007f5cd4ee9f07059a220N.exe

  • Size

    1015KB

  • Sample

    240723-kwsnvsybrr

  • MD5

    93c9c0083a9007f5cd4ee9f07059a220

  • SHA1

    391fe3e4e7016c5dd6722c56573ed53c5e734db7

  • SHA256

    9b5f05e1df1f4e1fe14e6e1802ab8768fcc8cae028c4d9d85b5b6b17384ff32a

  • SHA512

    9f625965b6ce11d6d959f767779286493e94471ded9a677f21a3a39c3b8b8f1d0727e9e524ada5d9db50df838a703e6539427758c5d4a715bd56edcb6bdd659b

  • SSDEEP

    24576:zQ5aILMCfmAUjzX6gfU1pjwjbsXhmfnOB9ISUc:E5aIwC+Agr6g81p1WM9px

Malware Config

Targets

    • Target

      93c9c0083a9007f5cd4ee9f07059a220N.exe

    • Size

      1015KB

    • MD5

      93c9c0083a9007f5cd4ee9f07059a220

    • SHA1

      391fe3e4e7016c5dd6722c56573ed53c5e734db7

    • SHA256

      9b5f05e1df1f4e1fe14e6e1802ab8768fcc8cae028c4d9d85b5b6b17384ff32a

    • SHA512

      9f625965b6ce11d6d959f767779286493e94471ded9a677f21a3a39c3b8b8f1d0727e9e524ada5d9db50df838a703e6539427758c5d4a715bd56edcb6bdd659b

    • SSDEEP

      24576:zQ5aILMCfmAUjzX6gfU1pjwjbsXhmfnOB9ISUc:E5aIwC+Agr6g81p1WM9px

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks