trickbot

General

Target

38789619c9e5b7b1b19dc1a0bb98daa3314ed0862b753763b68b3e6371dc0828
Size

985KB
Sample

220128-yf7pqsbhdp
MD5

320931357db07a43b4f43f57c4c1c87b
SHA1

8cfe7e8e3c747fcfb2e2657e557d07baa3d4c4f4
SHA256

38789619c9e5b7b1b19dc1a0bb98daa3314ed0862b753763b68b3e6371dc0828
SHA512

1ba1021bbe262469b50016e045495a255a30741772791699ce2b19c35a4ee57175024418df33d3d19a78c3feb2b4d164a9545d833a818aea18c0fcbbe0528bd8

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000475

Botnet

trg911

C2

45.80.148.30:443

194.5.250.83:443

185.222.202.223:443

66.55.71.11:443

94.156.144.3:443

185.244.150.142:443

194.5.250.82:443

31.184.253.37:443

109.234.34.135:443

45.66.11.116:443

185.222.202.222:443

46.30.41.229:443

45.142.213.58:443

190.154.203.218:449

189.80.134.122:449

200.116.199.10:449

181.113.20.186:449

187.58.56.26:449

85.11.116.194:449

177.103.240.149:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  38789619c9e5b7b1b19dc1a0bb98daa3314ed0862b753763b68b3e6371dc0828
- Size
  
  985KB
- MD5
  
  320931357db07a43b4f43f57c4c1c87b
- SHA1
  
  8cfe7e8e3c747fcfb2e2657e557d07baa3d4c4f4
- SHA256
  
  38789619c9e5b7b1b19dc1a0bb98daa3314ed0862b753763b68b3e6371dc0828
- SHA512
  
  1ba1021bbe262469b50016e045495a255a30741772791699ce2b19c35a4ee57175024418df33d3d19a78c3feb2b4d164a9545d833a818aea18c0fcbbe0528bd8
Score

10^/10

trickbot trg911 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2