trickbot

General

Target

f9fd9ab57f62b91a584574e7c5dca006_JaffaCakes118
Size

568KB
Sample

240419-lajphadf25
MD5

f9fd9ab57f62b91a584574e7c5dca006
SHA1

862d7a91fa12610868f1bae6e8716b24de14920f
SHA256

9c31f43a0c48a56de0e30cbdf89f8d03dd6cf73b2c2ec392bf285830454ae444
SHA512

00263be3e9d78fa3810ba0908aaadf3504dea94edd3a6f113e8b0ceb996e9dbd725346f9b364f2cd99ffdead4e82659398c98406a7729821740c3cf4ff7c5e0b
SSDEEP

12288:1g1pjWbIFbFc0WkROi9D/oj5vbaF/3uGzchJAQficGw:1aQIFbFpQIToj9baFvbghJAfhw

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000032

Botnet

tot130

C2

103.122.228.44:443

196.216.220.211:443

181.114.215.239:443

41.57.156.203:443

43.252.159.63:443

197.156.129.250:443

113.160.37.196:443

38.110.100.64:443

113.160.132.237:443

24.28.12.23:443

38.110.100.219:443

45.239.233.109:443

119.202.8.249:443

200.236.218.62:443

220.82.64.198:443

190.93.208.53:443

196.216.59.174:443

222.124.16.74:443

202.165.47.106:443

96.9.77.56:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  f9fd9ab57f62b91a584574e7c5dca006_JaffaCakes118
- Size
  
  568KB
- MD5
  
  f9fd9ab57f62b91a584574e7c5dca006
- SHA1
  
  862d7a91fa12610868f1bae6e8716b24de14920f
- SHA256
  
  9c31f43a0c48a56de0e30cbdf89f8d03dd6cf73b2c2ec392bf285830454ae444
- SHA512
  
  00263be3e9d78fa3810ba0908aaadf3504dea94edd3a6f113e8b0ceb996e9dbd725346f9b364f2cd99ffdead4e82659398c98406a7729821740c3cf4ff7c5e0b
- SSDEEP
  
  12288:1g1pjWbIFbFc0WkROi9D/oj5vbaF/3uGzchJAQficGw:1aQIFbFpQIToj9baFvbghJAfhw
Score

10^/10

trickbot tot130 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2