trickbot

General

Target

ac73a81e718024573c81ca9823e97ac99be24d1c7441d38aa096a5bdcd0dfffc
Size

559KB
Sample

220128-w3pfkaaff6
MD5

336ee95efb07023aa2815247dd2d3845
SHA1

c5e23aa3517029bb0fece0095d1bf5f0a44946d7
SHA256

ac73a81e718024573c81ca9823e97ac99be24d1c7441d38aa096a5bdcd0dfffc
SHA512

c4d12401dd66dba5c3c3c290c5e714a383a96b7a9db18a0a75356497ca1679b4042a5cc7129efcf5f79f04c559780ad8b7ac200009ae9499e7f46c142ba74c5d

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000475

Botnet

trg449

C2

45.80.148.30:443

194.5.250.83:443

185.222.202.223:443

66.55.71.11:443

94.156.144.3:443

185.244.150.142:443

194.5.250.82:443

31.184.253.37:443

109.234.34.135:443

45.66.11.116:443

185.222.202.222:443

46.30.41.229:443

45.142.213.58:443

190.154.203.218:449

189.80.134.122:449

200.116.199.10:449

181.113.20.186:449

187.58.56.26:449

85.11.116.194:449

177.103.240.149:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  ac73a81e718024573c81ca9823e97ac99be24d1c7441d38aa096a5bdcd0dfffc
- Size
  
  559KB
- MD5
  
  336ee95efb07023aa2815247dd2d3845
- SHA1
  
  c5e23aa3517029bb0fece0095d1bf5f0a44946d7
- SHA256
  
  ac73a81e718024573c81ca9823e97ac99be24d1c7441d38aa096a5bdcd0dfffc
- SHA512
  
  c4d12401dd66dba5c3c3c290c5e714a383a96b7a9db18a0a75356497ca1679b4042a5cc7129efcf5f79f04c559780ad8b7ac200009ae9499e7f46c142ba74c5d
Score

10^/10

trickbot trg449 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2