trickbot

General

Target

88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118
Size

431KB
Sample

240531-3hb33aac54
MD5

88ba80c7e97f8d3f03bd4dfebfc09668
SHA1

db0096c7b90fc7c68a167dd32076c1ce82a146f7
SHA256

11bbe7a9082f72b7f78b99cba61025a78e138e8393735cc9d57a4e85add2a16a
SHA512

e6c5785fa8a41587c4e12c7ff4d997bed6c267d04385e9dc8aee72974e2805a0a3ffcd67e386fe875c8da1ec911bd4786fdae192c6771dc4d646fa3943c90175
SSDEEP

6144:BQ8EaK3HpbyqPWah0MlHlHt7pIrBEowSHYvhmYJ8a4Lil3U:BQ8ETlPWm0MlFHBiE/JkLiS

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

1000113

Botnet

jim137

C2

94.127.111.14:449

62.69.241.103:449

62.109.14.24:443

185.234.15.180:443

185.234.15.183:443

92.63.102.238:443

92.63.97.53:443

92.63.97.233:443

109.234.35.29:443

92.63.97.73:443

193.233.62.60:443

194.87.146.135:443

193.233.62.6:443

92.63.107.175:443

194.87.102.214:443

92.63.105.134:443

194.87.103.210:443

78.155.218.137:443

109.234.34.143:443

95.213.237.49:443

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:injectDll

ecc_pubkey.base64

Targets

- Target
  
  88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118
- Size
  
  431KB
- MD5
  
  88ba80c7e97f8d3f03bd4dfebfc09668
- SHA1
  
  db0096c7b90fc7c68a167dd32076c1ce82a146f7
- SHA256
  
  11bbe7a9082f72b7f78b99cba61025a78e138e8393735cc9d57a4e85add2a16a
- SHA512
  
  e6c5785fa8a41587c4e12c7ff4d997bed6c267d04385e9dc8aee72974e2805a0a3ffcd67e386fe875c8da1ec911bd4786fdae192c6771dc4d646fa3943c90175
- SSDEEP
  
  6144:BQ8EaK3HpbyqPWah0MlHlHt7pIrBEowSHYvhmYJ8a4Lil3U:BQ8ETlPWm0MlFHBiE/JkLiS
Score

10^/10

trickbot jim137 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2