Overview

overview

10

Static

static

3

cf4740cace...18.exe

windows7-x64

10

cf4740cace...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf4740cace4d8a017217e80bd88b12e3_JaffaCakes118

  • Size

    83KB

  • Sample

    240906-ly5lwazgpc

  • MD5

    cf4740cace4d8a017217e80bd88b12e3

  • SHA1

    09ef7f8593add6fcf89cc437f6e738d8c14205d8

  • SHA256

    d8390cc24f338357c27473cf49a879a2b7bac17063f77df825bad8c32eacc750

  • SHA512

    7bb661b5e8b4b1109b2f0d619641db0abe9d2c87e4f5f8af021554c6ab55cb954f5fcc153f1516cfaa94d5678906e968f128bb1babd28b2237dbdc592c270858

  • SSDEEP

    1536:kFmkPvCdVDTww5PIv0P8mtguB5EhzxduTNSZANDZPUW6SGonuxGMGj:kJvYDmvQguLEhH+xZsW6SbR

Score
10/10
trickbotbankerdefense_evasiondiscoverytrojan

Malware Config

Targets

    • Target

      cf4740cace4d8a017217e80bd88b12e3_JaffaCakes118

    • Size

      83KB

    • MD5

      cf4740cace4d8a017217e80bd88b12e3

    • SHA1

      09ef7f8593add6fcf89cc437f6e738d8c14205d8

    • SHA256

      d8390cc24f338357c27473cf49a879a2b7bac17063f77df825bad8c32eacc750

    • SHA512

      7bb661b5e8b4b1109b2f0d619641db0abe9d2c87e4f5f8af021554c6ab55cb954f5fcc153f1516cfaa94d5678906e968f128bb1babd28b2237dbdc592c270858

    • SSDEEP

      1536:kFmkPvCdVDTww5PIv0P8mtguB5EhzxduTNSZANDZPUW6SGonuxGMGj:kJvYDmvQguLEhH+xZsW6SbR

    Score
    10/10
    trickbotbankerdefense_evasiondiscoverytrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks