General

  • Target

    ce129cee5be5d9b0f76598f8421704ef_JaffaCakes118

  • Size

    341KB

  • Sample

    240905-2eet4ssall

  • MD5

    ce129cee5be5d9b0f76598f8421704ef

  • SHA1

    cafa55c44306c7b34da136ae58e4a8ee5dec2bd0

  • SHA256

    b1bb113dfb88b0d924755df1bf3c01ee53cb4e0f4d863adc6473a2bd67c301a3

  • SHA512

    8e48d4d00913e21784a8a6eba3eb42163e148178f3cb4e611930b2adbe8c3220d8ea9550cc1176bb864e42ae2705080a1b6959f6a3a9cf9d74cc144d53ecf122

  • SSDEEP

    6144:eob2C77P99/Aj78Ryyw8AalYFkQKssGuHZdiyuZscShDeDJzUOu9:evO9h7yyFqiQxfsBNeN

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
