trickbot

General

Target

c5e66af397e8837535d7967b137e7486dd2184343f17523b6f78f8e10021af26
Size

945KB
Sample

220128-w3rkxsaff9
MD5

92ebc77712ab7b10239be2d052e39a8f
SHA1

c5d6a4fea017a9e59099e6e94603b9cece433bc9
SHA256

c5e66af397e8837535d7967b137e7486dd2184343f17523b6f78f8e10021af26
SHA512

1d54c9dadc30f18cadbd690f7c1d446509b74142bde1c13db182b5c3e70e22f70a53db05ece451cb009fbe445cde8869e7cc0365af45b9da38f5d2f2a7bc6af9

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000477

Botnet

trg8889

C2

37.44.212.148:443

185.65.202.127:443

193.37.212.246:443

193.124.191.243:443

31.148.99.63:443

94.103.91.61:443

203.23.128.179:443

179.43.147.72:443

93.123.73.192:443

51.89.115.120:443

144.91.76.214:443

46.21.153.81:443

194.5.250.98:443

190.154.203.218:449

178.183.150.169:449

200.116.199.10:449

181.113.20.186:449

187.58.56.26:449

85.11.116.194:449

177.103.240.149:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  c5e66af397e8837535d7967b137e7486dd2184343f17523b6f78f8e10021af26
- Size
  
  945KB
- MD5
  
  92ebc77712ab7b10239be2d052e39a8f
- SHA1
  
  c5d6a4fea017a9e59099e6e94603b9cece433bc9
- SHA256
  
  c5e66af397e8837535d7967b137e7486dd2184343f17523b6f78f8e10021af26
- SHA512
  
  1d54c9dadc30f18cadbd690f7c1d446509b74142bde1c13db182b5c3e70e22f70a53db05ece451cb009fbe445cde8869e7cc0365af45b9da38f5d2f2a7bc6af9
Score

10^/10

trickbot trg8889 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2