trickbot | bf100eeaa8749d9a492d0ef75ad7ab518d263848174e7760773fde7c11f37948 | Triage

Submit
Reports

Overview

overview

Static

static

1

9010033790...69.vbs

windows7-x64

9010033790...69.vbs

windows10-2004-x64

1

Sharing

General

Target

JaffaCakes118_bf100eeaa8749d9a492d0ef75ad7ab518d263848174e7760773fde7c11f37948
Size

381KB
Sample

241224-2lxnhazkgm
MD5

6760c6a1bd24b422579d064add09e957
SHA1

b50fc0662f6c1179b55c835c42d36d3460d116ea
SHA256

bf100eeaa8749d9a492d0ef75ad7ab518d263848174e7760773fde7c11f37948
SHA512

eab4bdf84b66993b4f427de8344e614b45fb7cad699786847b854b12ab5adce20025b743e748269f68bc14c9589bf3d63534150ed0b40f690bc04bbdd7ef5e47
SSDEEP

6144:7Z/nT6F0zX9v+rlXmdtfkj1QCFJwkvIyIzVEW7W+900yAxGSfStOOwO1DUQ:FfVhWlmDfSXIBEAW+OtAxGSfcOOwO1DP

Score

10^/10

trickbot banker defense_evasion discovery packer trojan

Static task

static1

Behavioral task

behavioral1

Sample

90100337904166d873fb7d0b8ff6e9c0c156f15a09aa78f62019d7f4698ab069.vbs

Resource

win7-20240903-en

trickbot banker defense_evasion discovery packer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

90100337904166d873fb7d0b8ff6e9c0c156f15a09aa78f62019d7f4698ab069.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  90100337904166d873fb7d0b8ff6e9c0c156f15a09aa78f62019d7f4698ab069.vbs
- Size
  
  974KB
- MD5
  
  9519df9ae170e1beef2c4f132d2de878
- SHA1
  
  6a4d0474f140bd912af3e53c1a3b977b7875f264
- SHA256
  
  90100337904166d873fb7d0b8ff6e9c0c156f15a09aa78f62019d7f4698ab069
- SHA512
  
  3f4010864e9ca3c591f34e865f293d9089ac616c369eb7a5378ce6970d03e7a4577a5e1377977e9bcc1459cfde347c7e3723e8e079404c7a328bd0f8b74a4d1b
- SSDEEP
  
  24576:PUFUHaQAww6F0Rim/UXuunSPVFBES2BFBmkrD27hYDNfk5fW12+C/5IicxMi:d
Score

10^/10

trickbot banker defense_evasion discovery packer trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
  packer
- Loads dropped DLL
- Deobfuscate/Decode Files or Information
  Payload decoded via CertUtil.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Deobfuscate/Decode Files or Information

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trickbotbankerdefense_evasiondiscoverypackertrojan

behavioral2

© 2018-2025

Terms | Privacy