trickbot | 27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209 | Triage

Submit
Reports

Overview

overview

Static

static

27f67d1ce3...09.dll

windows7_x64

27f67d1ce3...09.dll

windows10-2004_x64

Sharing

General

Target

27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209
Size

288KB
Sample

220319-ytek4shec4
MD5

f86428e98f43cfa14465cc362b0cfae5
SHA1

854d5df73c6741de4d204251c7831a2f147c76d0
SHA256

27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209
SHA512

9368008d4f0e267f0a01902a8debd08ed9a6754320a569c65336abc0b8a71e3cb79fc324298417e83e9907cd061fe0d8d6a58d8abd838cf41c2e216d918ef7fe

Score

10^/10

trickbot rob28 banker packer trojan

Static task

static1

Behavioral task

behavioral1

Sample

27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209.dll

Resource

win7-20220311-en

trickbot rob28 banker packer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209.dll

Resource

win10v2004-en-20220113

trickbot rob28 banker packer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

trickbot

Version

100007

Botnet

rob28

C2

41.243.29.182:449

196.45.140.146:449

103.87.25.220:443

103.98.129.222:449

103.87.25.220:449

103.65.196.44:449

103.65.195.95:449

103.61.101.11:449

103.61.100.131:449

103.150.68.124:449

103.137.81.206:449

103.126.185.7:449

103.112.145.58:449

103.110.53.174:449

102.164.208.48:449

102.164.208.44:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209
- Size
  
  288KB
- MD5
  
  f86428e98f43cfa14465cc362b0cfae5
- SHA1
  
  854d5df73c6741de4d204251c7831a2f147c76d0
- SHA256
  
  27f67d1ce31e67a2644330aa6a3cd0e77cfd84d023cc1adf1736e286852f9209
- SHA512
  
  9368008d4f0e267f0a01902a8debd08ed9a6754320a569c65336abc0b8a71e3cb79fc324298417e83e9907cd061fe0d8d6a58d8abd838cf41c2e216d918ef7fe
Score

10^/10

trickbot rob28 banker packer trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
  packer
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotrob28bankerpackertrojan

behavioral2

trickbotrob28bankerpackertrojan

© 2018-2024

Terms | Privacy