trickbot

General

Target

f5d555d1d7672be2d1c7f51728863fa2bc4d669ac09da707faf456c358bcc36f
Size

191KB
Sample

220524-ddqm8adbf5
MD5

122172f902a8e651e7c5709e6ec970fe
SHA1

fd258e0c8d666188627cc08fe56929ebba036893
SHA256

f5d555d1d7672be2d1c7f51728863fa2bc4d669ac09da707faf456c358bcc36f
SHA512

8e22c221ca910b210c7094245cbbe552cb359bf8d637b762c56c3d254c02c78ace3cb3af8e6dd4690a77de76d91d65da019f1ac76dd0248951a25561860122e9

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000499

Botnet

tot677

C2

5.182.210.226:443

82.146.62.52:443

193.26.217.243:443

5.2.78.77:443

107.172.165.149:443

185.14.29.84:443

178.156.202.130:443

185.62.188.10:443

5.255.96.115:443

212.80.216.209:443

195.133.145.31:443

5.34.177.97:443

85.143.216.206:443

185.99.2.193:443

5.182.210.4:443

178.156.202.120:443

146.185.253.197:443

194.99.21.139:443

185.200.241.248:443

185.183.96.43:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  f5d555d1d7672be2d1c7f51728863fa2bc4d669ac09da707faf456c358bcc36f
- Size
  
  191KB
- MD5
  
  122172f902a8e651e7c5709e6ec970fe
- SHA1
  
  fd258e0c8d666188627cc08fe56929ebba036893
- SHA256
  
  f5d555d1d7672be2d1c7f51728863fa2bc4d669ac09da707faf456c358bcc36f
- SHA512
  
  8e22c221ca910b210c7094245cbbe552cb359bf8d637b762c56c3d254c02c78ace3cb3af8e6dd4690a77de76d91d65da019f1ac76dd0248951a25561860122e9
Score

10^/10

trickbot banker trojan tot677
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2