trickbot | 71296cf7fa0c4ab72891226f3510fc2c36a96248a85580f5c65d881c8b12a675 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-08-24...id.exe

windows7-x64

2024-08-24...id.exe

windows10-2004-x64

Sharing

General

Target

2024-08-24_6d55c28364e2139f648e36be6a890cfc_icedid
Size

514KB
Sample

240824-t7jprszama
MD5

6d55c28364e2139f648e36be6a890cfc
SHA1

fce590239116f1ee9e83ad71a347f1f96c9c4aa6
SHA256

71296cf7fa0c4ab72891226f3510fc2c36a96248a85580f5c65d881c8b12a675
SHA512

b9a53f84e009db7ba6d63a8f674992f7aeaecf90d672dbf5c72eafa9429cbca84c37684cdd86599ddc3107b455d336e1dc638bf35eab1d5dc3e9d04451a78bfd
SSDEEP

12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYfZr1zW:ZXQUIsQpMsequrmGRr1zW

Score

10^/10

trickbot banker discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-08-24_6d55c28364e2139f648e36be6a890cfc_icedid.exe

Resource

win7-20240708-en

trickbot banker discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-08-24_6d55c28364e2139f648e36be6a890cfc_icedid.exe

Resource

win10v2004-20240802-en

trickbot banker discovery trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-08-24_6d55c28364e2139f648e36be6a890cfc_icedid
- Size
  
  514KB
- MD5
  
  6d55c28364e2139f648e36be6a890cfc
- SHA1
  
  fce590239116f1ee9e83ad71a347f1f96c9c4aa6
- SHA256
  
  71296cf7fa0c4ab72891226f3510fc2c36a96248a85580f5c65d881c8b12a675
- SHA512
  
  b9a53f84e009db7ba6d63a8f674992f7aeaecf90d672dbf5c72eafa9429cbca84c37684cdd86599ddc3107b455d336e1dc638bf35eab1d5dc3e9d04451a78bfd
- SSDEEP
  
  12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYfZr1zW:ZXQUIsQpMsequrmGRr1zW
Score

10^/10

trickbot banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trickbotbankerdiscoverytrojan

behavioral2

trickbotbankerdiscoverytrojan

© 2018-2025

Terms | Privacy