trickbot

General

Target

02c421f177d1b0d59fb7bba60c3228f0N
Size

284KB
Sample

240826-phx4mstajf
MD5

02c421f177d1b0d59fb7bba60c3228f0
SHA1

a80a58263261ca141b98ad7465b6098714dd638c
SHA256

a621dce9e78adce5997eab193ebf0c6b6292bfa4fc682d19d861e7b225e74de8
SHA512

2c5870a6cbcb9cf03f011cc7e6d20c614d436e530399eae2623281f7a1e8bacfc1091bbe62e1665c0bf7680c33662caba2a2bc41ad7310130f31197ccacf93a9
SSDEEP

3072:0o+xl5oF/eFtetnRQqKpGV8EwaVqwp97y84C0l1hHBBi3Xkjd+1txKwYSOyfJvYp:0o+hoF/eYREqZVx9Gf9Hb43JvYS1T63

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000030

Botnet

lib107

C2

196.43.106.38:443

186.97.172.178:443

37.228.70.134:443

144.48.139.206:443

190.110.179.139:443

172.105.15.152:443

177.67.137.111:443

27.72.107.215:443

186.66.15.10:443

189.206.78.155:443

202.131.227.229:443

185.9.187.10:443

196.41.57.46:443

212.200.25.118:443

197.254.14.238:443

45.229.71.211:443

181.167.217.53:443

181.129.116.58:443

185.189.55.207:443

172.104.241.29:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  02c421f177d1b0d59fb7bba60c3228f0N
- Size
  
  284KB
- MD5
  
  02c421f177d1b0d59fb7bba60c3228f0
- SHA1
  
  a80a58263261ca141b98ad7465b6098714dd638c
- SHA256
  
  a621dce9e78adce5997eab193ebf0c6b6292bfa4fc682d19d861e7b225e74de8
- SHA512
  
  2c5870a6cbcb9cf03f011cc7e6d20c614d436e530399eae2623281f7a1e8bacfc1091bbe62e1665c0bf7680c33662caba2a2bc41ad7310130f31197ccacf93a9
- SSDEEP
  
  3072:0o+xl5oF/eFtetnRQqKpGV8EwaVqwp97y84C0l1hHBBi3Xkjd+1txKwYSOyfJvYp:0o+hoF/eYREqZVx9Gf9Hb43JvYS1T63
Score

10^/10

trickbot lib107 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2