trickbot

General

Target

39adf6ec_by_Libranalysis
Size

374KB
Sample

210505-yqvjjeecdj
MD5

39adf6ecdd71f0d727e79205c71a62cb
SHA1

c52f4df420684f27160cf252ac736c32dfdf789e
SHA256

0352835fa00f51dc22097204f150bf7d48fd678bd7e4b7d0c3cc968009efa38d
SHA512

7bcc3f3de134d8811e64d7e5ad96ae45e76b386bd36dd8380582acc344f5e7d4608560e3cfa6aabff2729ff780f47b75d04d87d47376bc9578917020c8cdb7df

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000480

Botnet

ono23

C2

144.91.79.9:443

172.245.97.148:443

85.204.116.139:443

185.62.188.117:443

185.222.202.76:443

144.91.79.12:443

185.68.93.43:443

195.123.238.191:443

146.185.219.29:443

195.133.196.151:443

91.235.129.60:443

23.227.206.170:443

185.222.202.192:443

190.154.203.218:449

178.183.150.169:449

200.116.199.10:449

187.58.56.26:449

177.103.240.149:449

81.190.160.139:449

200.21.51.38:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  9754089f79d9c9293dcc9c604c6328284a7942539a46c13112558a39c92a5e41.exe
- Size
  
  528KB
- MD5
  
  a8331229532b5c12dae297134cbaac58
- SHA1
  
  241b1d866d26dc749cfd3a06e15f86556ab9fa11
- SHA256
  
  9754089f79d9c9293dcc9c604c6328284a7942539a46c13112558a39c92a5e41
- SHA512
  
  d526dd1feb150378a59da94be0bff0131c40ae41bf9d77e2229608d52f4dd50ef85ea0604a12f0a3491446d09a3c90acf3c3bc740740e459564e8909119160a5
Score

10^/10

trickbot ono23 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2