Resubmissions

03-08-2024 17:19

240803-vv3sjszdkm 10

03-08-2024 09:36

240803-lk7jbazanq 10

General

  • Target

    7fb1de391d2e8956aab8a707ba7047b0N.exe

  • Size

    368KB

  • Sample

    240803-vv3sjszdkm

  • MD5

    7fb1de391d2e8956aab8a707ba7047b0

  • SHA1

    b4596d683f948181068395159cf245d7faf5617a

  • SHA256

    e31ace5602fa7c78e8a7c73efded326053a27ee8b94a868e3487c798803d8f3b

  • SHA512

    32b7e4773585434eabc057f3af32c08726bf347bac1a3375b87cff22e1b8498b90821f918047778a7e22add83293dcc08d3ccdb8c74ae0a75616f1cd39153305

  • SSDEEP

    6144:eo5N5OazOZaTDWlVnrchrahdOxveC2wo80/agxb0zLz4q0:emSuOcHmnYhrDMTrban4q0

Targets

    • Target

      7fb1de391d2e8956aab8a707ba7047b0N.exe

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Drops file in System32 directory
