trickbot

General

Target

ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
Size

364KB
Sample

220625-jcm4ladeb7
MD5

cec86610ef0e41f843f408bfb2d53486
SHA1

480cf2003f147392f6e4443631350e2e1f364d9f
SHA256

ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
SHA512

b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000507

Botnet

ono38

C2

51.89.115.112:443

185.141.27.225:443

151.80.212.114:443

5.182.210.178:443

188.119.113.60:443

91.235.129.199:443

185.234.72.193:443

194.5.250.200:443

185.14.29.141:443

185.99.2.197:443

185.234.72.50:443

194.5.250.201:443

108.170.61.186:443

217.12.209.159:443

185.99.2.44:443

51.89.115.108:443

164.68.120.58:443

164.132.255.19:443

148.251.185.164:443

94.250.250.69:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
- Size
  
  364KB
- MD5
  
  cec86610ef0e41f843f408bfb2d53486
- SHA1
  
  480cf2003f147392f6e4443631350e2e1f364d9f
- SHA256
  
  ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
- SHA512
  
  b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca
Score

10^/10

trickbot ono38 banker dave trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Dave packer
  Detects executable using a packer named 'Dave' by the community, based on a string at the end.
  dave
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Dave packer

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2