trickbot

General

Target

54edbad457c34d6295cb399d0ec1d496ae96a98040d51b5a736135c1bf1b2dbe
Size

1001KB
Sample

220128-wrp8qaach3
MD5

df29722bf08da422003cc2c3545db0a2
SHA1

d2e49e805a84374b478595a487e2bfeec7e27932
SHA256

54edbad457c34d6295cb399d0ec1d496ae96a98040d51b5a736135c1bf1b2dbe
SHA512

58a43d4517eb1ae7b73cf3fda8788c127a41fd7216c62c0001e17d4f365fc7f6d23d54db17becb6aa9d647bdcd28be35d2554502abec958f24443ca411b46508

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000475

Botnet

trgeu1

C2

45.80.148.30:443

194.5.250.83:443

185.222.202.223:443

66.55.71.11:443

94.156.144.3:443

185.244.150.142:443

194.5.250.82:443

31.184.253.37:443

109.234.34.135:443

45.66.11.116:443

185.222.202.222:443

46.30.41.229:443

45.142.213.58:443

190.154.203.218:449

189.80.134.122:449

200.116.199.10:449

181.113.20.186:449

187.58.56.26:449

85.11.116.194:449

177.103.240.149:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  54edbad457c34d6295cb399d0ec1d496ae96a98040d51b5a736135c1bf1b2dbe
- Size
  
  1001KB
- MD5
  
  df29722bf08da422003cc2c3545db0a2
- SHA1
  
  d2e49e805a84374b478595a487e2bfeec7e27932
- SHA256
  
  54edbad457c34d6295cb399d0ec1d496ae96a98040d51b5a736135c1bf1b2dbe
- SHA512
  
  58a43d4517eb1ae7b73cf3fda8788c127a41fd7216c62c0001e17d4f365fc7f6d23d54db17becb6aa9d647bdcd28be35d2554502abec958f24443ca411b46508
Score

10^/10

trickbot trgeu1 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2