trickbot

General

Target

ac11833ad6b6b6b894c8afc1bcb68140_JaffaCakes118
Size

353KB
Sample

240819-wx88sasflq
MD5

ac11833ad6b6b6b894c8afc1bcb68140
SHA1

b321f66d1a06ef9883ca06d78e0f0b2dd1705c93
SHA256

58cdbb2c17ea6d6eb5a1c6952a8c6bf9e918c51bfc58a2639d2cf031b359da06
SHA512

3c8910e49cdc55277913d9b0184f17fba5fe812cc8f70bbf4ef51e0a46c209d2ea5c1406d2fe9445c9455cc095329a5825102fd86b37c979de617dcae63b2393
SSDEEP

6144:MvcW/D6HvoYb988GdTIKEXv/ZwHxIdfrYOxO6c8PCJV:M0E6Po498tTlEHZwRaYoO6uJV

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100011

Botnet

mon57

C2

194.5.249.156:443

142.202.191.164:443

193.8.194.96:443

45.155.173.242:443

108.170.20.75:443

185.163.45.138:443

94.140.114.136:443

134.119.186.202:443

200.52.147.93:443

45.230.244.20:443

186.250.157.116:443

186.137.85.76:443

36.94.62.207:443

182.253.107.34:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  ac11833ad6b6b6b894c8afc1bcb68140_JaffaCakes118
- Size
  
  353KB
- MD5
  
  ac11833ad6b6b6b894c8afc1bcb68140
- SHA1
  
  b321f66d1a06ef9883ca06d78e0f0b2dd1705c93
- SHA256
  
  58cdbb2c17ea6d6eb5a1c6952a8c6bf9e918c51bfc58a2639d2cf031b359da06
- SHA512
  
  3c8910e49cdc55277913d9b0184f17fba5fe812cc8f70bbf4ef51e0a46c209d2ea5c1406d2fe9445c9455cc095329a5825102fd86b37c979de617dcae63b2393
- SSDEEP
  
  6144:MvcW/D6HvoYb988GdTIKEXv/ZwHxIdfrYOxO6c8PCJV:M0E6Po498tTlEHZwRaYoO6uJV
Score

10^/10

trickbot mon57 banker discovery packer trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Templ.dll packer
  Detects Templ.dll packer which usually loads Trickbot.
  packer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Templ.dll packer

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2