trickbot | 81e134bbab28a83e8bc9111768d7b893b2fa5fa3d51bd44d2ab49b4019896da3 | Triage

Sharing

General

Target

81e134bbab28a83e8bc9111768d7b893b2fa5fa3d51bd44d2ab49b4019896da3
Size

617KB
Sample

220502-vylnfabcg8
MD5

be760466a061b3912bad28c5ad13c3b7
SHA1

cc74bd96dfb7fcc8589904376231c6841c200c45
SHA256

81e134bbab28a83e8bc9111768d7b893b2fa5fa3d51bd44d2ab49b4019896da3
SHA512

4554f15b4f2e707b11efd2d9db10629752a183bb9666473e014216a04c8699b2ebf0f71abe663e91c519cb00082f69227ae78e65298fc452d37c286cf5553ad4

Score

10^/10

trickbot mor5 banker trojan

Malware Config

Extracted

Family

trickbot

Version

100007

Botnet

mor5

C2

103.87.25.220:443

103.98.129.222:449

41.243.29.182:449

103.87.25.220:449

196.45.140.146:449

103.65.196.44:449

103.65.195.95:449

103.61.101.11:449

103.61.100.131:449

103.150.68.124:449

103.137.81.206:449

103.126.185.7:449

103.112.145.58:449

103.110.53.174:449

102.164.208.48:449

102.164.208.44:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  81e134bbab28a83e8bc9111768d7b893b2fa5fa3d51bd44d2ab49b4019896da3
- Size
  
  617KB
- MD5
  
  be760466a061b3912bad28c5ad13c3b7
- SHA1
  
  cc74bd96dfb7fcc8589904376231c6841c200c45
- SHA256
  
  81e134bbab28a83e8bc9111768d7b893b2fa5fa3d51bd44d2ab49b4019896da3
- SHA512
  
  4554f15b4f2e707b11efd2d9db10629752a183bb9666473e014216a04c8699b2ebf0f71abe663e91c519cb00082f69227ae78e65298fc452d37c286cf5553ad4
Score

10^/10

trickbot mor5 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

trickbotmor5bankertrojan

behavioral2

trickbotmor5bankertrojan