General

  • Target

    26991e003c7df1b7ed815750866abd09_JaffaCakes118

  • Size

    900KB

  • Sample

    240728-1xnz3a1fqc

  • MD5

    26991e003c7df1b7ed815750866abd09

  • SHA1

    029301174bd92c2dc2e5f2b4df426c33305ecdd7

  • SHA256

    e2db78db122785f0740bef4de8eef75a56370da463e1d9948aff66494ab7388e

  • SHA512

    9f22acffb159858365a9ee128f497b21e1cd7a6d631a4924dc5c19cf42ab63f7f0acb23e8219c89281fd6b0dd9872f3134540c9c7aacd06b2ffc98168fdbc485

  • SSDEEP

    6144:T/tWxOo6HFxhXTh/fotWZrgj1migvH74OULb:TFWxOo6lTNYWlkDo8X

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
