trickbot

General

Target

56b2a820c1511948a57b90e1d16ee356.zip
Size

454KB
Sample

240831-bfktmswgmd
MD5

547688a148af9e358d2d956a674ac221
SHA1

2fe1756d81087ff7f719944972c04bf382d30037
SHA256

b3923ec9db21e03940d690d7a461c9f356d14fad57a3245c251baf3aa79c2a13
SHA512

e5325d3b70a46c19bab91e7b36beb677d1d9ed00f196b85d4bf1473f50e86437d9007432a18f6ad7d611158a280b594e5eb7ed231a853bda111d732785ceed7e
SSDEEP

6144:3OLlmPjHr9l1K6MVsG3v3pxKmEPkp/8o+FNFyBdicJF35fu+hPJq8RqCSVU0+Pxw:3OQt26MV3v3Oz82o6/4HJdhEBUhW9UW

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000035

Botnet

tot166

C2

36.91.117.231:443

36.89.228.201:443

103.75.32.173:443

45.115.172.105:443

36.95.23.89:443

103.123.86.104:443

202.65.119.162:443

202.9.121.143:443

139.255.65.170:443

110.172.137.20:443

103.146.232.154:443

36.91.88.164:443

103.47.170.131:443

122.117.90.133:443

103.9.188.78:443

210.2.149.202:443

118.91.190.42:443

117.222.61.115:443

117.222.57.92:443

136.228.128.21:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  0aed190afa07b9d4e544f43600d34d7b58e50085f17ee66a92a1d3836f4b6f7b
- Size
  
  868KB
- MD5
  
  56b2a820c1511948a57b90e1d16ee356
- SHA1
  
  b4a20f53168588dba165876e9e5d6a95dd376e28
- SHA256
  
  0aed190afa07b9d4e544f43600d34d7b58e50085f17ee66a92a1d3836f4b6f7b
- SHA512
  
  fac31619142094402589f9d58d41e811d6051f8e4803ff768d9053c70772f92990fab553e5010f406337baaf06963254082a29f7a31f6beb6d35219be77242f6
- SSDEEP
  
  12288:DEMkCMMFkUED6ANs4ZD9V63Az2hPmy+khUzJUN/w:m+ED6+xZzkmii8w
Score

10^/10

trickbot tot166 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2