Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d05da42d6dd9c4c2ef0c6786cb9b7be204789f3388c399aea1d066148fa5f8a1

  • Size

    325KB

  • Sample

    211223-ththnscbak

  • MD5

    8a79c40e6288bd6d560c380450f59949

  • SHA1

    f3f76788cc64f6fbc6e37f3b9b534a45d8b963fd

  • SHA256

    d05da42d6dd9c4c2ef0c6786cb9b7be204789f3388c399aea1d066148fa5f8a1

  • SHA512

    02758743c71642acfbbd4b331a567275cc9f5f930686e719763c7d0368da5e6e02bc28a14046b52cc0121bc7dde03d2a797970442283a6dfd9c681356802e62d

Score
10/10
trickbotrob144bankersuricatatrojan

Malware Config

Extracted

Family

trickbot

Version

100021

Botnet

rob144

C2

181.129.85.98:443

189.112.119.205:443

189.51.118.78:443

186.121.214.106:443

49.176.188.184:443

61.69.102.170:443

213.32.252.221:443

89.46.216.2:443

103.36.79.3:443

103.108.97.51:443

95.140.217.242:443

41.175.22.226:443

190.109.169.161:443

186.159.12.18:443

190.109.171.17:443

181.196.148.202:443

186.47.75.58:443

186.42.212.30:443

190.214.21.14:443

187.108.32.133:443
Attributes
  • autorun

ecc_pubkey.base64

Targets

    • Target

      d05da42d6dd9c4c2ef0c6786cb9b7be204789f3388c399aea1d066148fa5f8a1

    • Size

      325KB

    • MD5

      8a79c40e6288bd6d560c380450f59949

    • SHA1

      f3f76788cc64f6fbc6e37f3b9b534a45d8b963fd

    • SHA256

      d05da42d6dd9c4c2ef0c6786cb9b7be204789f3388c399aea1d066148fa5f8a1

    • SHA512

      02758743c71642acfbbd4b331a567275cc9f5f930686e719763c7d0368da5e6e02bc28a14046b52cc0121bc7dde03d2a797970442283a6dfd9c681356802e62d

    Score
    10/10
    trickbotrob144bankersuricatatrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • suricata: ET MALWARE Win32/TrickBot CnC Initial Checkin M2

      suricata: ET MALWARE Win32/TrickBot CnC Initial Checkin M2

      suricata
    behavioral1

MITRE ATT&CK Matrix

Tasks