General

  • Target

    b4e2db7927219c5a8a6de22e7a159f40N

  • Size

    558KB

  • Sample

    240909-ksy2gazeqk

  • MD5

    b4e2db7927219c5a8a6de22e7a159f40

  • SHA1

    42e7205f35ffa5311208867cc3ac563d0c6874af

  • SHA256

    cd0a125a6af8b014b593281246a0dad433934beaa5a751e8179eb4796ae2f4e2

  • SHA512

    bc9a8d85de090618d4abc89231828d7aee247f75b0e2971bed579add7445d6fc42777bb5aaed035817f77e8728990aa791636298176cac425ff3f6f580166201

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYGwO7UPdYBMoD:ZXQUIsQpMsequrmGGwO4C2oD

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks