General

  • Target

    JaffaCakes118_bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21

  • Size

    864KB

  • Sample

    241224-1j833sxrhx

  • MD5

    f358a16d797e8c97127eddf5577576d6

  • SHA1

    3d82fa86b61916a129bc571a12af16f4d0543acd

  • SHA256

    bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21

  • SHA512

    b230da7822403a7c83ac75d785b1584de77af70891da000c39e46204322befda9586ece6946746af2e1a71dd4307774352997f9f28a6a0b93c49430c37d63e1d

  • SSDEEP

    24576:5V1hZH53bA7IXJIn7LsSTNoWcZwXwuqT16:A7i+sZwG16

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot family

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
