trickbot

General

Target

01456db4d605878447a23541b55b8fb5f523cce9687c9299babdd900330fb2e2
Size

1.6MB
Sample

230519-thbmvshd2y
MD5

b7d80ae40a94e22fbf92af80bdf92e5e
SHA1

6d1c1b3e857d1e328c8b77eb13affd73350c1d55
SHA256

01456db4d605878447a23541b55b8fb5f523cce9687c9299babdd900330fb2e2
SHA512

448d6d9398471a38fe970b86933583ba39878d9a054a91fe15589ddc324012aff9488204225db04e709e04234fcebd24304580dcf9b05c68d5ca40d04639425a
SSDEEP

24576:pAtKEGcDDwHTz4dNIzX5x9QpCj8X2kNRVQoSLIKo8WXD3uQ5O3h3JMtbZ:46HTzCI1yXtL3kMtbZ

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000028

Botnet

tot81

C2

89.250.208.42:449

182.253.184.130:449

31.211.85.110:443

85.112.74.178:449

102.68.17.97:443

103.76.150.14:443

96.9.77.142:443

91.185.236.170:449

87.76.1.81:449

91.225.231.120:443

62.213.14.166:443

81.95.45.234:449

148.216.32.55:443

109.185.139.90:449

202.166.211.197:443

196.41.57.46:449

84.21.206.164:449

190.122.168.219:443

77.95.93.132:449

41.77.134.250:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  01456db4d605878447a23541b55b8fb5f523cce9687c9299babdd900330fb2e2
- Size
  
  1.6MB
- MD5
  
  b7d80ae40a94e22fbf92af80bdf92e5e
- SHA1
  
  6d1c1b3e857d1e328c8b77eb13affd73350c1d55
- SHA256
  
  01456db4d605878447a23541b55b8fb5f523cce9687c9299babdd900330fb2e2
- SHA512
  
  448d6d9398471a38fe970b86933583ba39878d9a054a91fe15589ddc324012aff9488204225db04e709e04234fcebd24304580dcf9b05c68d5ca40d04639425a
- SSDEEP
  
  24576:pAtKEGcDDwHTz4dNIzX5x9QpCj8X2kNRVQoSLIKo8WXD3uQ5O3h3JMtbZ:46HTzCI1yXtL3kMtbZ
Score

10^/10

trickbot banker trojan tot81
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2