trickbot | 8ed5bfd73f941dc50914104f719d8038cf97b79e754f528c68c23ac0f512b439 | Triage

Sharing

General

Target

1.exe
Size

596KB
Sample

210102-y417jshs9s
MD5

1372de53ba47855e25ca36db13e73db2
SHA1

4b7846b767cfbd9e8bcbace96deaf514106104ad
SHA256

8ed5bfd73f941dc50914104f719d8038cf97b79e754f528c68c23ac0f512b439
SHA512

e713bdd5ec1a86987f07c34a9333619222cad228641175cb3d1a70fc88a34a0fd16fea91431ce46cb95949f8820d5017cdf49eafa74699dc6fabd4b0c655fb66

Score

10^/10

trickbot yas13 banker trojan

Malware Config

Extracted

Family

trickbot

Version

100004

Botnet

yas13

C2

103.250.70.163:443

181.196.24.6:443

103.87.25.220:443

2.179.73.140:443

118.69.133.4:443

202.62.47.109:443

14.102.109.190:443

103.78.81.5:443

116.0.54.227:443

36.94.193.167:443

194.5.179.82:443

213.235.183.78:443

103.52.47.20:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  1.exe
- Size
  
  596KB
- MD5
  
  1372de53ba47855e25ca36db13e73db2
- SHA1
  
  4b7846b767cfbd9e8bcbace96deaf514106104ad
- SHA256
  
  8ed5bfd73f941dc50914104f719d8038cf97b79e754f528c68c23ac0f512b439
- SHA512
  
  e713bdd5ec1a86987f07c34a9333619222cad228641175cb3d1a70fc88a34a0fd16fea91431ce46cb95949f8820d5017cdf49eafa74699dc6fabd4b0c655fb66
Score

10^/10

trickbot yas13 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotyas13bankertrojan

behavioral2

trickbotyas13bankertrojan