trickbot

General

Target

853c5f48616fd2afd63e487d197c9796_JaffaCakes118
Size

464KB
Sample

240810-h3ttdsvbrd
MD5

853c5f48616fd2afd63e487d197c9796
SHA1

e1cc2d9cb09c029bd63ce40f19b99c81d6a37794
SHA256

062f094b3b20d67c5dbaee280d3def3d9c352401e5a0306cc19565034e8937a2
SHA512

d7163c5d540cd6537e1bf90b37afd6c05afe7e47cdb0dd9548c628aa1fe997ec7fd29d0d6f0cb3afc4a2e5cf6ccf61462e5c63e55989cfec293e5fda848b8abd
SSDEEP

12288:MuX3k1x9bnpgsxcUDte8VGnT9fU7LLsUoI4WMX:MuHk1XpiUDtepT9fSLLsb5

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100011

Botnet

rob59

C2

194.5.249.156:443

142.202.191.164:443

193.8.194.96:443

45.155.173.242:443

108.170.20.75:443

185.163.45.138:443

94.140.114.136:443

134.119.186.202:443

200.52.147.93:443

45.230.244.20:443

186.250.157.116:443

186.137.85.76:443

36.94.62.207:443

182.253.107.34:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  853c5f48616fd2afd63e487d197c9796_JaffaCakes118
- Size
  
  464KB
- MD5
  
  853c5f48616fd2afd63e487d197c9796
- SHA1
  
  e1cc2d9cb09c029bd63ce40f19b99c81d6a37794
- SHA256
  
  062f094b3b20d67c5dbaee280d3def3d9c352401e5a0306cc19565034e8937a2
- SHA512
  
  d7163c5d540cd6537e1bf90b37afd6c05afe7e47cdb0dd9548c628aa1fe997ec7fd29d0d6f0cb3afc4a2e5cf6ccf61462e5c63e55989cfec293e5fda848b8abd
- SSDEEP
  
  12288:MuX3k1x9bnpgsxcUDte8VGnT9fU7LLsUoI4WMX:MuHk1XpiUDtepT9fSLLsb5
Score

10^/10

trickbot rob59 banker discovery packer trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
  packer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Templ.dll packer

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2