trickbot | c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9 | Triage

Submit
Reports

Overview

overview

Static

static

c28522e02d...b9.exe

windows7_x64

c28522e02d...b9.exe

windows10_x64

Sharing

General

Target

c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
Size

881KB
Sample

220128-xmlv6sbch8
MD5

59ccde8ff080314a8568b0f909037ca2
SHA1

acf6ab5b9a983c70864f0c95790d85d257ceb528
SHA256

c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
SHA512

6f5b69bf9ba0d987c998fca02f1a572147c850085764334971310a9d05378eb40bd85eb7cb49d9863f3b6101716a5d3c69e7a23292b653a92a9f107c2aace9a2

Score

10^/10

trickbot trgt98888 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9.exe

Resource

win7-en-20211208

trickbot trgt98888 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9.exe

Resource

win10-en-20211208

trickbot trgt98888 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

trickbot

Version

1000479

Botnet

trgt98888

C2

192.3.104.46:443

23.94.233.210:443

172.82.152.126:443

192.3.247.11:443

202.29.215.114:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
- Size
  
  881KB
- MD5
  
  59ccde8ff080314a8568b0f909037ca2
- SHA1
  
  acf6ab5b9a983c70864f0c95790d85d257ceb528
- SHA256
  
  c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
- SHA512
  
  6f5b69bf9ba0d987c998fca02f1a572147c850085764334971310a9d05378eb40bd85eb7cb49d9863f3b6101716a5d3c69e7a23292b653a92a9f107c2aace9a2
Score

10^/10

trickbot trgt98888 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

trickbottrgt98888bankertrojan

behavioral2

trickbottrgt98888bankertrojan

© 2018-2024

Terms | Privacy