trickbot

General

Target

58dce784a93abeb2b6b462d1a75e9e8a.dll
Size

864KB
Sample

210407-tcxf9t4d32
MD5

58dce784a93abeb2b6b462d1a75e9e8a
SHA1

da2e6c939259e4435a335b360398cbff7a6e3ffb
SHA256

e7b39232c063101a0709ad7527be0efe62837da298bb16b2fac9a8ffadc7cf0c
SHA512

9d06c0e588d873f6b854bc1fc242d20f945a5c4fc80c3e3ee1ea4d33b5bfb5b6ca8dc397d94d042eaf3cc4a9067c6751893851ea15872febff7724adcd059684

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000028

Botnet

rob45

C2

89.250.208.42:449

182.253.184.130:449

31.211.85.110:443

85.112.74.178:449

102.68.17.97:443

103.76.150.14:443

96.9.77.142:443

91.185.236.170:449

87.76.1.81:449

91.225.231.120:443

62.213.14.166:443

81.95.45.234:449

148.216.32.55:443

109.185.139.90:449

202.166.211.197:443

196.41.57.46:449

84.21.206.164:449

190.122.168.219:443

77.95.93.132:449

41.77.134.250:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  58dce784a93abeb2b6b462d1a75e9e8a.dll
- Size
  
  864KB
- MD5
  
  58dce784a93abeb2b6b462d1a75e9e8a
- SHA1
  
  da2e6c939259e4435a335b360398cbff7a6e3ffb
- SHA256
  
  e7b39232c063101a0709ad7527be0efe62837da298bb16b2fac9a8ffadc7cf0c
- SHA512
  
  9d06c0e588d873f6b854bc1fc242d20f945a5c4fc80c3e3ee1ea4d33b5bfb5b6ca8dc397d94d042eaf3cc4a9067c6751893851ea15872febff7724adcd059684
Score

10^/10

trickbot rob45 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Templ.dll packer

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2