trickbot | 2066b3079277f7360d0a2fceed0754141020b033cbd94a768ae7a756f34cb3ee | Triage

Sharing

General

Target

df4491307732cc8c20abfa4e86609aaef79ce847563f060bfa73b0dc8dce274a.bin.sample.gz
Size

592KB
Sample

201204-2128ple7ss
MD5

9ea382b2e5ac660c570a50a548f6723e
SHA1

e80ac73292c9fbf5d7fab658ff36a1561de9d571
SHA256

2066b3079277f7360d0a2fceed0754141020b033cbd94a768ae7a756f34cb3ee
SHA512

6dd2beaebec899e0db018a96c197ae18e28a258a72745fd4ba4a67fd729d79d06553f81126d0e2618c0f74015c9ad5a6a35d195fd12ea3a3b7abc560c3973345

Score

10^/10

trickbot mor133 banker trojan

Malware Config

Extracted

Family

trickbot

Version

2000013

Botnet

mor133

C2

199.38.120.91:443

199.38.121.150:443

199.38.123.58:443

208.86.162.215:443

208.86.161.113:443

208.86.162.241:443

131.153.22.145:443

62.108.35.29:443

45.89.127.118:443

185.99.2.123:443

62.108.35.36:443

45.89.127.119:443

194.5.249.216:443

185.99.2.160:443

80.85.156.116:443

86.104.194.102:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  sample
- Size
  
  592KB
- MD5
  
  c338a1e442838cc95a6724f2def934b5
- SHA1
  
  279e903c173a2f7b34806d931b31369788cd90b9
- SHA256
  
  df4491307732cc8c20abfa4e86609aaef79ce847563f060bfa73b0dc8dce274a
- SHA512
  
  c77ba9ec89037537919192737d3cb5315b9070059c328e0d69022183dbd6d8667ab4778ffa52082d95ccb8c9412ad4ebe0f1e6eb090c3fa3cb4c920ae31440b7
Score

10^/10

trickbot mor133 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotmor133bankertrojan

behavioral2

trickbotmor133bankertrojan