trickbot

General

Target

48e4552ed69de24287939835e4333a4d1fc62a78a730940d8df585b3af9815f7
Size

315KB
Sample

220714-byfmmsage7
MD5

fe9ecea821f94c0f51c203df9fe8e22b
SHA1

37d2f43e3982d280be2679baa0374db4e3f7f219
SHA256

48e4552ed69de24287939835e4333a4d1fc62a78a730940d8df585b3af9815f7
SHA512

93c4237eced462c639309e2986d1752b9602b02e586933dee3706727c36a3ca4213344caa94bf513ff2c34547377f83e9d7c4fa7f4f2b53976ff99e65f03d84e

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000485

Botnet

kin5

C2

212.73.150.233:443

108.170.52.149:443

195.123.220.193:443

185.99.2.242:443

107.173.160.18:443

23.94.3.13:443

192.3.73.164:443

195.54.162.66:443

45.141.100.6:443

94.156.35.235:443

192.3.247.106:443

194.5.250.169:443

37.230.114.53:443

194.5.250.109:443

103.219.213.102:449

117.255.221.135:449

189.28.185.50:449

177.105.242.229:449

190.214.13.2:449

181.140.173.186:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  48e4552ed69de24287939835e4333a4d1fc62a78a730940d8df585b3af9815f7
- Size
  
  315KB
- MD5
  
  fe9ecea821f94c0f51c203df9fe8e22b
- SHA1
  
  37d2f43e3982d280be2679baa0374db4e3f7f219
- SHA256
  
  48e4552ed69de24287939835e4333a4d1fc62a78a730940d8df585b3af9815f7
- SHA512
  
  93c4237eced462c639309e2986d1752b9602b02e586933dee3706727c36a3ca4213344caa94bf513ff2c34547377f83e9d7c4fa7f4f2b53976ff99e65f03d84e
Score

10^/10

trickbot kin5 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot x86 loader
  Detected Trickbot's x86 loader that unpacks the x86 payload.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot x86 loader

Executes dropped EXE

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2