trickbot | e6bdeae21f873a739645c0f4cc86c91432ea1d2c229aac9af135f691482fdc9b

General

Target

e6bdeae21f873a739645c0f4cc86c91432ea1d2c229aac9af135f691482fdc9b
Size

192KB
Sample

220625-ly26raffcr
MD5

1e3114933e986925635982ecd5233f20
SHA1

64b02073f88dfcac300047857a1d68aedee83481
SHA256

e6bdeae21f873a739645c0f4cc86c91432ea1d2c229aac9af135f691482fdc9b
SHA512

750eb418876df845ae49e13300a67811c4c7afa020473397df9e483d76ee41afb35974b1bc13f150f54d1a4f9e3af5960f8a4de65a2d65e46864b812ed276381

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000500

Botnet

tot684

C2

5.182.210.226:443

185.62.188.10:443

185.252.144.190:443

92.223.93.153:443

51.89.115.99:443

89.32.41.126:443

5.255.96.153:443

94.156.35.216:443

80.87.195.21:443

5.34.176.184:443

62.109.1.7:443

212.80.216.181:443

5.182.210.120:443

194.5.250.166:443

185.14.30.209:443

51.89.115.103:443

85.204.116.179:443

194.5.250.168:443

190.214.13.2:449

181.140.173.186:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  e6bdeae21f873a739645c0f4cc86c91432ea1d2c229aac9af135f691482fdc9b
- Size
  
  192KB
- MD5
  
  1e3114933e986925635982ecd5233f20
- SHA1
  
  64b02073f88dfcac300047857a1d68aedee83481
- SHA256
  
  e6bdeae21f873a739645c0f4cc86c91432ea1d2c229aac9af135f691482fdc9b
- SHA512
  
  750eb418876df845ae49e13300a67811c4c7afa020473397df9e483d76ee41afb35974b1bc13f150f54d1a4f9e3af5960f8a4de65a2d65e46864b812ed276381
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2