General

  • Target

    20240825ec9e16f672b6ef0ef4de7d9be6399be2icedid

  • Size

    516KB

  • Sample

    240825-tnjknasfpg

  • MD5

    ec9e16f672b6ef0ef4de7d9be6399be2

  • SHA1

    e925353d6df71cc63fd0518dcbdfe0cc5faece9b

  • SHA256

    967cf5154473d834c8119fb47a05122a64282f40591651595e0a63a23257fe8b

  • SHA512

    66a9e4cceb434bf600fe7b4a654d55cfa97aa57b9dce8fe454d6621f25910476df33bd98bb68999377dc3ce207e65781c685f59732781a02cb9c24f80aa689aa

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttY31vRgZtNpS:ZXQUIsQpMsequrmG3A5pS

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
