trickbot | f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb | Triage

Sharing

General

Target

f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
Size

660KB
Sample

201111-hzx91hs1ja
MD5

c361c1bd2335782d5cb24ac81e2d5e6c
SHA1

77c338ad2c72a01380a68150449dd6cca2ca7870
SHA256

f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
SHA512

13832bbdddc5c7f92f682d2ae1816eb4ca88b2d54811d708a7c56304eaaa9eceef9390962a9bdc5feaea4f757213ec8e862740639af5f5a2ff4346b47e6c0a54

Score

10^/10

trickbot tar2 banker trojan

Malware Config

Extracted

Family

trickbot

Version

100001

Botnet

tar2

C2

66.85.183.5:443

185.163.47.157:443

94.140.115.99:443

195.123.240.40:443

195.123.241.226:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
- Size
  
  660KB
- MD5
  
  c361c1bd2335782d5cb24ac81e2d5e6c
- SHA1
  
  77c338ad2c72a01380a68150449dd6cca2ca7870
- SHA256
  
  f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
- SHA512
  
  13832bbdddc5c7f92f682d2ae1816eb4ca88b2d54811d708a7c56304eaaa9eceef9390962a9bdc5feaea4f757213ec8e862740639af5f5a2ff4346b47e6c0a54
Score

10^/10

trickbot tar2 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbottar2bankertrojan

behavioral2

trickbottar2bankertrojan