trickbot | 6c4609a6655bac0b7a06c570772fbd6d2ef0e8c02ef38e35c10f17c7a245b734

General

Target

6c4609a6655bac0b7a06c570772fbd6d2ef0e8c02ef38e35c10f17c7a245b734
Size

114KB
Sample

220731-h7b45secf5
MD5

d13f27532e3763fdc015616ba5388c4a
SHA1

19bab590540b23a2bcaf9533df8e566ec9512640
SHA256

6c4609a6655bac0b7a06c570772fbd6d2ef0e8c02ef38e35c10f17c7a245b734
SHA512

b9d598187a29341f64bb612c6e8a350a7a8e496f303c5e026ba75d49b991dfcf977d217aa1477650f86e23ad48e6c18b5c03f63e193fdad8df70230d9ef46cd3

Score

10^/10

trickbot 3101uk

Malware Config

Extracted

Family

trickbot

Version

1000031

Botnet

3101uk

C2

194.87.146.146:443

37.46.134.189:443

195.133.146.18:443

82.202.236.66:443

195.133.147.149:443

194.87.93.169:443

92.53.78.79:443

95.213.237.224:443

194.87.110.162:443

194.87.102.206:443

92.53.91.59:443

188.120.242.117:443

92.53.77.120:443

185.236.130.97:443

62.109.3.136:443

194.87.103.178:443

212.109.197.115:443

91.240.86.21:443

83.220.168.63:443

91.240.86.137:443

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:injectDll

ecc_pubkey.base64

Targets

- Target
  
  6c4609a6655bac0b7a06c570772fbd6d2ef0e8c02ef38e35c10f17c7a245b734
- Size
  
  114KB
- MD5
  
  d13f27532e3763fdc015616ba5388c4a
- SHA1
  
  19bab590540b23a2bcaf9533df8e566ec9512640
- SHA256
  
  6c4609a6655bac0b7a06c570772fbd6d2ef0e8c02ef38e35c10f17c7a245b734
- SHA512
  
  b9d598187a29341f64bb612c6e8a350a7a8e496f303c5e026ba75d49b991dfcf977d217aa1477650f86e23ad48e6c18b5c03f63e193fdad8df70230d9ef46cd3
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Looks up external IP address via web service

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2