trickbot

General

Target

a56b3ed1cec1ece071402cbfde24aca483d687d93fd92b1a53da8f2b02014be8
Size

632KB
Sample

220128-wfk5mahfhn
MD5

570d3e2882982ed179fd1d1016c16f16
SHA1

e196560eecb90050e97cd45b45922a356c3647a3
SHA256

a56b3ed1cec1ece071402cbfde24aca483d687d93fd92b1a53da8f2b02014be8
SHA512

e94ab2ffef6587cf06eeec9180ef7ceb751f78c2a73b661726cccc4308d554f10f87af5397ff893777a7a2d127c732d12c31b4be78bec78e9eed1053431f1db1

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000474

Botnet

trgX8

C2

51.68.247.62:443

37.228.117.146:443

91.132.139.170:443

37.44.212.216:443

31.184.253.37:443

51.254.69.244:443

194.5.250.82:443

5.230.22.40:443

185.222.202.222:443

46.30.41.229:443

203.23.128.168:443

190.154.203.218:449

189.80.134.122:449

200.116.199.10:449

181.113.20.186:449

187.58.56.26:449

146.196.122.167:449

177.103.240.149:449

181.199.102.179:449

200.21.51.38:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  a56b3ed1cec1ece071402cbfde24aca483d687d93fd92b1a53da8f2b02014be8
- Size
  
  632KB
- MD5
  
  570d3e2882982ed179fd1d1016c16f16
- SHA1
  
  e196560eecb90050e97cd45b45922a356c3647a3
- SHA256
  
  a56b3ed1cec1ece071402cbfde24aca483d687d93fd92b1a53da8f2b02014be8
- SHA512
  
  e94ab2ffef6587cf06eeec9180ef7ceb751f78c2a73b661726cccc4308d554f10f87af5397ff893777a7a2d127c732d12c31b4be78bec78e9eed1053431f1db1
Score

10^/10

trickbot trgx8 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2