trickbot

General

Target

28aeeb0903fb2cea43e845c927530497_icedid_JC.exe
Size

474KB
Sample

230818-q64rrsab75
MD5

28aeeb0903fb2cea43e845c927530497
SHA1

66b493eb993c30be7a6cd60a9d46cc698ce49117
SHA256

64c9a41b2f16689af7fae059f62d5c3f1199345cf2d2e47f7e7a6994215fedb0
SHA512

8b4dd897eee328cda3bbbaa8ba5e8385ef37844a55ba38a0400576568aea3408e1d2d3dbfe964986fcc4635a4ba21307f66fefbc43a247679e265cd418347c50
SSDEEP

6144:VD99OStAg28gqOGJCvcWP1xoyoYU0KYfAVquv6B2wnO8fHERVDJNZa5ioy:mg2mJCk6xofYVATU9pQVDlUs

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100008

Botnet

mor7

C2

103.231.115.106:449

117.222.63.100:449

117.254.58.83:449

149.54.11.54:449

170.82.4.64:449

177.11.12.93:449

182.16.187.251:449

187.108.86.48:449

190.152.88.57:449

203.88.149.33:449

36.89.191.119:449

41.159.31.227:449

85.202.128.243:449

92.204.160.82:449

103.150.68.124:449

103.126.185.7:449

103.112.145.58:449

103.110.53.174:449

102.164.208.48:449

102.164.208.44:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  28aeeb0903fb2cea43e845c927530497_icedid_JC.exe
- Size
  
  474KB
- MD5
  
  28aeeb0903fb2cea43e845c927530497
- SHA1
  
  66b493eb993c30be7a6cd60a9d46cc698ce49117
- SHA256
  
  64c9a41b2f16689af7fae059f62d5c3f1199345cf2d2e47f7e7a6994215fedb0
- SHA512
  
  8b4dd897eee328cda3bbbaa8ba5e8385ef37844a55ba38a0400576568aea3408e1d2d3dbfe964986fcc4635a4ba21307f66fefbc43a247679e265cd418347c50
- SSDEEP
  
  6144:VD99OStAg28gqOGJCvcWP1xoyoYU0KYfAVquv6B2wnO8fHERVDJNZa5ioy:mg2mJCk6xofYVATU9pQVDlUs
Score

10^/10

trickbot mor7 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2