General
-
Target
c365ce008d92687bdb65bf410d5f9f9b1fcb47a2feb6f96bc130a6666e32011f
-
Size
1.1MB
-
Sample
240725-cz23pstaqn
-
MD5
34e4497a92cf7e4fa478b83628880581
-
SHA1
9d55704fc35cf3b501bc5a51892f6ee5ac29d4d3
-
SHA256
c365ce008d92687bdb65bf410d5f9f9b1fcb47a2feb6f96bc130a6666e32011f
-
SHA512
60cc22f89bbfe776993a27cb46b77b18303248d406eba6f0da411be43e1964e04f3c1995890d7beca5e9d963536b3145a3258cc439684358cf4ea70cd7f0346f
-
SSDEEP
24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCh:E5aIwC+Agr6SNasrsFCg
Malware Config
Targets
-
-
Target
c365ce008d92687bdb65bf410d5f9f9b1fcb47a2feb6f96bc130a6666e32011f
-
Size
1.1MB
-
MD5
34e4497a92cf7e4fa478b83628880581
-
SHA1
9d55704fc35cf3b501bc5a51892f6ee5ac29d4d3
-
SHA256
c365ce008d92687bdb65bf410d5f9f9b1fcb47a2feb6f96bc130a6666e32011f
-
SHA512
60cc22f89bbfe776993a27cb46b77b18303248d406eba6f0da411be43e1964e04f3c1995890d7beca5e9d963536b3145a3258cc439684358cf4ea70cd7f0346f
-
SSDEEP
24576:zQ5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCh:E5aIwC+Agr6SNasrsFCg
Score10/10-
KPOT
KPOT is an information stealer that steals user data and account credentials.
-
KPOT Core Executable
-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Stops running service(s)
-
Executes dropped EXE
-
Loads dropped DLL
-
Command and Scripting Interpreter: PowerShell
Using powershell.exe command.
-
Drops file in System32 directory
-