trickbot

General

Target

9840d600baf3e3ebf2a93ab238c9f4432a76b04fe3bdc601e3f00ad647674241
Size

468KB
Sample

220524-xpgz1aecd5
MD5

ba999d0b6473e46ed80f627e7608e520
SHA1

34caedf7a0e4922a61a31469d0076133581028b3
SHA256

9840d600baf3e3ebf2a93ab238c9f4432a76b04fe3bdc601e3f00ad647674241
SHA512

8bd6f0ab30982d1866a1afa924e40e601eb623242dcc1d9a4724fda97752ece22c0998e6bd123ab2774d15c1862b65e49ed8ee6f0bc99cdcfcb7e0f1d9b7b2d8

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000512

Botnet

ono57

C2

95.171.16.42:443

185.90.61.9:443

5.1.81.68:443

185.99.2.65:443

134.119.191.11:443

85.204.116.100:443

78.108.216.47:443

51.81.112.144:443

194.5.250.121:443

185.14.31.104:443

185.99.2.66:443

107.175.72.141:443

192.3.247.123:443

134.119.191.21:443

85.204.116.216:443

91.235.129.20:443

181.129.104.139:449

181.112.157.42:449

181.129.134.18:449

131.161.253.190:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  9840d600baf3e3ebf2a93ab238c9f4432a76b04fe3bdc601e3f00ad647674241
- Size
  
  468KB
- MD5
  
  ba999d0b6473e46ed80f627e7608e520
- SHA1
  
  34caedf7a0e4922a61a31469d0076133581028b3
- SHA256
  
  9840d600baf3e3ebf2a93ab238c9f4432a76b04fe3bdc601e3f00ad647674241
- SHA512
  
  8bd6f0ab30982d1866a1afa924e40e601eb623242dcc1d9a4724fda97752ece22c0998e6bd123ab2774d15c1862b65e49ed8ee6f0bc99cdcfcb7e0f1d9b7b2d8
Score

10^/10

trickbot ono57 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2