trickbot

General

Target

972ce8dd5e44ea0d65447c3c591014320e0f53caa8c5e3f03d69e6c09105a2ae
Size

262KB
Sample

240831-bvr69sxgje
MD5

a1addd36d46258b9e7628f2b531b2e67
SHA1

bfc84ec7e1bdbedc8c2c731c2b93106a0d41c0e9
SHA256

972ce8dd5e44ea0d65447c3c591014320e0f53caa8c5e3f03d69e6c09105a2ae
SHA512

2910b807d539e7942ff773bab28f8f8e214b8f1464e7c403f6dcd0369dde6250582e95a1e7f8376170cd5727e4fdc8af125d05cbea58f3112ee482989bced5b2
SSDEEP

6144:+l3Dx6mPs8HwLkA+c3IqIFXMYsH6xR10bpAxJJ:+NA8HwLkAR4qiXMBarmVA9

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

soc1

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  430c2e05eca22f5537f141dd06e0d8861c0d4e0eda157a18070b13e655b62128
- Size
  
  435KB
- MD5
  
  53ae3c780a2e4ea216456700149287c3
- SHA1
  
  40e60f60aba0c8a610e754cd1a40cd3b19abe473
- SHA256
  
  430c2e05eca22f5537f141dd06e0d8861c0d4e0eda157a18070b13e655b62128
- SHA512
  
  5fa0ce6c3d22b5d2cf707a91a9438391f073cc9c72fbdeb7abcc56b7c1ded0b524b3d72a239353a55dc2d35b2fdbcca456aa3437e862f65fbcaf5a675f58a2be
- SSDEEP
  
  12288:JrE5InxGNfD70nBqoYxSItPPOx5qOPcltMfJMF72wtPQL6Rg:JrEyofUnaXU8OcltMf69vtM6
Score

10^/10

trickbot soc1 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2