f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb

General

Target: f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
Size: 660KB
Sample: 201111-hzx91hs1ja
Score: 10/10
MD5: c361c1bd2335782d5cb24ac81e2d5e6c
SHA1: 77c338ad2c72a01380a68150449dd6cca2ca7870
SHA256: f3f2e0e5f0dd4c1b04f2434b95aba1fafd91df0e0e75cf6a851d5238f1ad0ffb
SHA512: 13832bbdddc5c7f92f682d2ae1816eb4ca88b2d54811d708a7c56304eaaa9eceef9390962a9bdc5feaea4f757213ec8e862740639af5f5a2ff4346b47e6c0a54

Malware Config

Extracted

Family: trickbot
Version: 100001
Botnet: tar2
C2

66.85.183.5:443

185.163.47.157:443

94.140.115.99:443

195.123.240.40:443

195.123.241.226:443

Attributes
autorun
Name: pwgrab
ecc_pubkey.base64

Signatures

  • Trickbot

    Description

    Developed in 2016, TrickBot is one of the more recent banking Trojans.

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10