trickbot

General

Target

7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
Size

448KB
Sample

220625-fcdndaefan
MD5

d225d4aab52217753e4ab2d304a6bdd3
SHA1

9b2ec23a722ba5ce3bb5baf4c5be09a514816cb5
SHA256

7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
SHA512

2a69c0a986c441de386f01c195e459c512fe61d3e8de87faa223f3f8c653988930c31b8c127d887fdbeb591ac03b92929f11e50e8719ba8fcaf2a6784eebf2e8

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000507

Botnet

ono38

C2

51.89.115.112:443

185.141.27.225:443

151.80.212.114:443

5.182.210.178:443

188.119.113.60:443

91.235.129.199:443

185.234.72.193:443

194.5.250.200:443

185.14.29.141:443

185.99.2.197:443

185.234.72.50:443

194.5.250.201:443

108.170.61.186:443

217.12.209.159:443

185.99.2.44:443

51.89.115.108:443

164.68.120.58:443

164.132.255.19:443

148.251.185.164:443

94.250.250.69:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
- Size
  
  448KB
- MD5
  
  d225d4aab52217753e4ab2d304a6bdd3
- SHA1
  
  9b2ec23a722ba5ce3bb5baf4c5be09a514816cb5
- SHA256
  
  7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
- SHA512
  
  2a69c0a986c441de386f01c195e459c512fe61d3e8de87faa223f3f8c653988930c31b8c127d887fdbeb591ac03b92929f11e50e8719ba8fcaf2a6784eebf2e8
Score

10^/10

trickbot ono38 banker dave trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Dave packer
  Detects executable using a packer named 'Dave' by the community, based on a string at the end.
  dave
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Dave packer

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2