trickbot | 6ad8147246e38373e88df519a50cf7519057437500d726fb917d6aea23ea7d36

General

Target

6ad8147246e38373e88df519a50cf7519057437500d726fb917d6aea23ea7d36
Size

193KB
Sample

220625-lzag5affdr
MD5

7948f6ac23a29727b26527fb63dd405e
SHA1

3ad14f80ceb1d78a7a333e3bf2a663a650a8a05e
SHA256

6ad8147246e38373e88df519a50cf7519057437500d726fb917d6aea23ea7d36
SHA512

51cd177a6b9787ad397e27ade911ecedbd3ccf88944b6bafa7aafc87efb48a165b875278d5735739fe6e3c930f88e19f75e017a53ed5a0559aaa4d6e04b9c2e7

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000497

Botnet

jim659

C2

5.182.210.226:443

5.182.210.246:443

82.146.62.52:443

198.8.91.10:443

195.123.221.53:443

51.89.115.116:443

164.68.120.56:443

85.204.116.237:443

5.2.75.167:443

93.189.42.146:443

185.252.144.174:443

81.177.165.145:443

217.107.34.151:443

146.185.219.165:443

194.87.238.87:443

146.185.253.18:443

194.5.250.155:443

195.123.216.223:443

185.99.2.160:443

5.182.210.230:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  6ad8147246e38373e88df519a50cf7519057437500d726fb917d6aea23ea7d36
- Size
  
  193KB
- MD5
  
  7948f6ac23a29727b26527fb63dd405e
- SHA1
  
  3ad14f80ceb1d78a7a333e3bf2a663a650a8a05e
- SHA256
  
  6ad8147246e38373e88df519a50cf7519057437500d726fb917d6aea23ea7d36
- SHA512
  
  51cd177a6b9787ad397e27ade911ecedbd3ccf88944b6bafa7aafc87efb48a165b875278d5735739fe6e3c930f88e19f75e017a53ed5a0559aaa4d6e04b9c2e7
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2