trickbot

General

Target

ea01c96428e5b5170d3257fa7306a1ffd4c4338fc02eb0e9503b15d22545aa87
Size

454KB
Sample

240831-adgtjatfpe
MD5

aa78ceaa62b0f77b91fe64fbe555c8e2
SHA1

f0e14b816151a35ded2256c94b1ed9f0f874b15c
SHA256

ea01c96428e5b5170d3257fa7306a1ffd4c4338fc02eb0e9503b15d22545aa87
SHA512

db38fa179e04bead4a82ac030bb5d74951ea1e1083804c61f8faf0f4f375a941ad89661a86203d19fca28c4f029bc83e3c2b8d6c48016f0d676e5f5759e6ac63
SSDEEP

12288:jLcvG2rGReMq/QIY/0W0xm9AwRETcWMF+SOLM:0pv/Q50W0GiTdSdx

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000035

Botnet

tot166

C2

36.91.117.231:443

36.89.228.201:443

103.75.32.173:443

45.115.172.105:443

36.95.23.89:443

103.123.86.104:443

202.65.119.162:443

202.9.121.143:443

139.255.65.170:443

110.172.137.20:443

103.146.232.154:443

36.91.88.164:443

103.47.170.131:443

122.117.90.133:443

103.9.188.78:443

210.2.149.202:443

118.91.190.42:443

117.222.61.115:443

117.222.57.92:443

136.228.128.21:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  3011dafe5a343398402cd0351f3d5d003fdb7eebb47d6ac08197e957e1ea6a3e
- Size
  
  868KB
- MD5
  
  34f5f1d5e48bf99626f265450e819b47
- SHA1
  
  4e627f40ed154058cb518a7cfb31aa06d7c13faa
- SHA256
  
  3011dafe5a343398402cd0351f3d5d003fdb7eebb47d6ac08197e957e1ea6a3e
- SHA512
  
  93a0b8737c970a55cee6d3e934fff667e3d316f80e5023977897c377be0ea69c1d158f5a10873e75ae0c5242f8a6bc10550c13c6ec9d18def39f5901398640ff
- SSDEEP
  
  12288:DEMkCMMFkUED6ANs4ZD9V63Az2hPmy+khUzJUV/U:m+ED6+xZzkmiiMU
Score

10^/10

trickbot tot166 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2