trickbot

General

Target

6769ac88ff3e3760348bcc05e0d9072e86f8b181c828d208f8151835a35ab9ec
Size

190KB
Sample

210202-1tezjjdg9a
MD5

ffe59f4a0fc42b96dbcaf0552959c7c2
SHA1

aa36c61c08e612ff167a9d1acb65cfce6e6f83a6
SHA256

6769ac88ff3e3760348bcc05e0d9072e86f8b181c828d208f8151835a35ab9ec
SHA512

23727cf2626d5a9fdf0e3a90f7a568a3f8b27ac578d1647e8aeec06cb9d9d276731cbd95fd73620879d71411432dc4d62279075cc33f3deb19e188d47ee82659

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000501

Botnet

lib689

C2

5.182.210.226:443

5.182.210.120:443

185.65.202.183:443

212.80.217.243:443

85.143.218.249:443

194.5.250.178:443

198.15.119.121:443

107.175.87.142:443

185.14.31.72:443

188.165.62.2:443

194.5.250.179:443

198.15.119.71:443

185.14.29.4:443

185.99.2.202:443

192.3.193.162:443

89.191.234.89:443

195.54.32.12:443

31.131.21.30:443

5.34.177.194:443

190.214.13.2:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  6769ac88ff3e3760348bcc05e0d9072e86f8b181c828d208f8151835a35ab9ec
- Size
  
  190KB
- MD5
  
  ffe59f4a0fc42b96dbcaf0552959c7c2
- SHA1
  
  aa36c61c08e612ff167a9d1acb65cfce6e6f83a6
- SHA256
  
  6769ac88ff3e3760348bcc05e0d9072e86f8b181c828d208f8151835a35ab9ec
- SHA512
  
  23727cf2626d5a9fdf0e3a90f7a568a3f8b27ac578d1647e8aeec06cb9d9d276731cbd95fd73620879d71411432dc4d62279075cc33f3deb19e188d47ee82659
Score

10^/10

trickbot lib689 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2