trickbot | 2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0 | Triage

Submit
Reports

Overview

overview

Static

static

2d2075ba55...d0.exe

windows7_x64

2d2075ba55...d0.exe

windows10_x64

Sharing

General

Target

2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0
Size

785KB
Sample

220128-v8s59shdhl
MD5

14cc2c06f51d4b4a76e08ebcd15d0074
SHA1

ec808ed2b078c773c561aa319999006e4281250b
SHA256

2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0
SHA512

44e7b9e76791a8fc3f36a4febc2cd2d5b77a139b30c1d4ff0059f6e6bc434ead57aa470de209674f1a8c9ce6dcdd72a5419a2f297feb906b7d4d1b8e6eee7d99

Score

10^/10

trickbot trgt5688 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0.exe

Resource

win7-en-20211208

trickbot trgt5688 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0.exe

Resource

win10-en-20211208

trickbot trgt5688 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

trickbot

Version

1000480

Botnet

trgt5688

C2

192.3.104.46:443

23.94.233.210:443

172.82.152.126:443

192.3.247.11:443

202.29.215.114:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0
- Size
  
  785KB
- MD5
  
  14cc2c06f51d4b4a76e08ebcd15d0074
- SHA1
  
  ec808ed2b078c773c561aa319999006e4281250b
- SHA256
  
  2d2075ba557f1bb0474c706678890383c93fd5a8f621cd4b328a545b088ab4d0
- SHA512
  
  44e7b9e76791a8fc3f36a4febc2cd2d5b77a139b30c1d4ff0059f6e6bc434ead57aa470de209674f1a8c9ce6dcdd72a5419a2f297feb906b7d4d1b8e6eee7d99
Score

10^/10

trickbot trgt5688 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbottrgt5688bankertrojan

behavioral2

trickbottrgt5688bankertrojan

© 2018-2024

Terms | Privacy