trickbot

General

Target

fe20e0052339fa763d7773fd673f8cb4_JaffaCakes118
Size

2.4MB
Sample

240421-b2gdcaga4t
MD5

fe20e0052339fa763d7773fd673f8cb4
SHA1

bb1f3b11677aecf0996a46311b3aca618b78d3f9
SHA256

15b35b8aff81df5c8aacb2bd02323cdd49cae5710e254f1d0812b8f2b57de076
SHA512

32a4d688e995e8b661b55a10ea94c1200e75fdd6e931df277c42b06ab85fe0ae5ae04194fc35dc5e023533a729ef0fa8a79f9c4ec76240989327894dc4280130
SSDEEP

24576:U9W51mWlqgrQ/kaqVv0cWsgIqcDhAwpA1UHf/5w4JjXHKJJou6gn5VLnJd2Z:QWzjlqgrQcd0c8whH03n5VLH2Z

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000030

Botnet

nob1

C2

196.43.106.38:443

186.97.172.178:443

37.228.70.134:443

144.48.139.206:443

190.110.179.139:443

172.105.15.152:443

177.67.137.111:443

27.72.107.215:443

186.66.15.10:443

189.206.78.155:443

202.131.227.229:443

185.9.187.10:443

196.41.57.46:443

212.200.25.118:443

197.254.14.238:443

45.229.71.211:443

181.167.217.53:443

181.129.116.58:443

185.189.55.207:443

172.104.241.29:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  fe20e0052339fa763d7773fd673f8cb4_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  fe20e0052339fa763d7773fd673f8cb4
- SHA1
  
  bb1f3b11677aecf0996a46311b3aca618b78d3f9
- SHA256
  
  15b35b8aff81df5c8aacb2bd02323cdd49cae5710e254f1d0812b8f2b57de076
- SHA512
  
  32a4d688e995e8b661b55a10ea94c1200e75fdd6e931df277c42b06ab85fe0ae5ae04194fc35dc5e023533a729ef0fa8a79f9c4ec76240989327894dc4280130
- SSDEEP
  
  24576:U9W51mWlqgrQ/kaqVv0cWsgIqcDhAwpA1UHf/5w4JjXHKJJou6gn5VLnJd2Z:QWzjlqgrQcd0c8whH03n5VLH2Z
Score

10^/10

trickbot nob1 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2