Overview

overview

10

Static

static

e52f9a03a2...36.exe

windows7_x64

10

e52f9a03a2...36.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e52f9a03a2c23485f8d406d1597932d8503c4ce7f14e118c748805cd2fcefc36

  • Size

    617KB

  • Sample

    220502-vknkwaage8

  • MD5

    b91e42f717a8a48570105d7240c4c762

  • SHA1

    a2fda8cfff0c6779350cf67e78fa6e9aeafcd5fe

  • SHA256

    e52f9a03a2c23485f8d406d1597932d8503c4ce7f14e118c748805cd2fcefc36

  • SHA512

    2b5202cb03a1cae16a008641d9037b88f7a1edd648b5feb16c77a17563bc75d6529479e708a0bc401d62e87c6c4cc64074e82fbbb2a15c32446f7155806b2777

Score
10/10
trickbotmor5bankertrojan

Malware Config

Extracted

Family

trickbot

Version

100007

Botnet

mor5

C2

103.87.25.220:443

103.98.129.222:449

41.243.29.182:449

103.87.25.220:449

196.45.140.146:449

103.65.196.44:449

103.65.195.95:449

103.61.101.11:449

103.61.100.131:449

103.150.68.124:449

103.137.81.206:449

103.126.185.7:449

103.112.145.58:449

103.110.53.174:449

102.164.208.48:449

102.164.208.44:449
Attributes
  • autorun
    Name:pwgrab
ecc_pubkey.base64

Targets

    • Target

      e52f9a03a2c23485f8d406d1597932d8503c4ce7f14e118c748805cd2fcefc36

    • Size

      617KB

    • MD5

      b91e42f717a8a48570105d7240c4c762

    • SHA1

      a2fda8cfff0c6779350cf67e78fa6e9aeafcd5fe

    • SHA256

      e52f9a03a2c23485f8d406d1597932d8503c4ce7f14e118c748805cd2fcefc36

    • SHA512

      2b5202cb03a1cae16a008641d9037b88f7a1edd648b5feb16c77a17563bc75d6529479e708a0bc401d62e87c6c4cc64074e82fbbb2a15c32446f7155806b2777

    Score
    10/10
    trickbotmor5bankertrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks