trickbot | 4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec | Triage

Submit
Reports

Overview

overview

Static

static

4b8f17d0b5...ec.exe

windows7_x64

4b8f17d0b5...ec.exe

windows10_x64

Sharing

General

Target

4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
Size

784KB
Sample

220128-vvnzdshdd5
MD5

f43b8aa0900c9257d2e0fd93981f6443
SHA1

fdb92c349397ef25f5a674f57c66a9d03d4eb149
SHA256

4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
SHA512

a8499f8e6c2a32fce98f2d7582059b64e2d4a1accee246bcce46bd1660d6cd1213e452c4ea0d3fda9a64c232994122e2624b79d08cec750afc76408c60af2fa1

Score

10^/10

trickbot trgt5688 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec.exe

Resource

win7-en-20211208

trickbot trgt5688 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec.exe

Resource

win10-en-20211208

trickbot trgt5688 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

trickbot

Version

1000480

Botnet

trgt5688

C2

192.3.104.46:443

23.94.233.210:443

172.82.152.126:443

192.3.247.11:443

202.29.215.114:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
- Size
  
  784KB
- MD5
  
  f43b8aa0900c9257d2e0fd93981f6443
- SHA1
  
  fdb92c349397ef25f5a674f57c66a9d03d4eb149
- SHA256
  
  4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
- SHA512
  
  a8499f8e6c2a32fce98f2d7582059b64e2d4a1accee246bcce46bd1660d6cd1213e452c4ea0d3fda9a64c232994122e2624b79d08cec750afc76408c60af2fa1
Score

10^/10

trickbot trgt5688 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbottrgt5688bankertrojan

behavioral2

trickbottrgt5688bankertrojan

© 2018-2024

Terms | Privacy