trickbot

General

Target

09f99ca7fce7e7f479c25c4b1bfa9dab.zip
Size

489KB
Sample

240903-2j2jnszgmh
MD5

b6a2ab5e0962bdc9eb6729bd0662958e
SHA1

e3218dd53597cbd344d011e2fda86fd1af3e98f3
SHA256

6b8f70046fd3d8db2f34b06e8f497d1045a989f2be016e3bb9a509323189d690
SHA512

66853c5c042fa7bd7192ffbd8247e02fb3c6bb367ff7af3d8966ba0c03f9a090e2327c5528d3d9427e841d626fb75b99ae980796c14899493e454785b1c4e913
SSDEEP

12288:6mTnPmU+q0VrwNOKZhWqfSqZGHe+mRyfa645K3P+i:XTeXq0VrTPq9keH2a6b3P+i

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000035

Botnet

tot165

C2

36.91.117.231:443

36.89.228.201:443

103.75.32.173:443

45.115.172.105:443

36.95.23.89:443

103.123.86.104:443

202.65.119.162:443

202.9.121.143:443

139.255.65.170:443

110.172.137.20:443

103.146.232.154:443

36.91.88.164:443

103.47.170.131:443

122.117.90.133:443

103.9.188.78:443

210.2.149.202:443

118.91.190.42:443

117.222.61.115:443

117.222.57.92:443

136.228.128.21:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  a3376a718005e68c993f282b7fc1b034f002093c464189ee1b7319338ed01ff8
- Size
  
  960KB
- MD5
  
  09f99ca7fce7e7f479c25c4b1bfa9dab
- SHA1
  
  0422866053abdf8df496fa5a0cc7ff9eefb219de
- SHA256
  
  a3376a718005e68c993f282b7fc1b034f002093c464189ee1b7319338ed01ff8
- SHA512
  
  8cb6b53420f46fbb6d4fb59b823964f3e8d7b6d23b4f7b4ede4c7af2b84bcd9ea29487dac4d8fc16e39ac58275b1ac869dc800dc366ecd9e239118fdf24d2e9e
- SSDEEP
  
  12288:buNnXQFkBgaR2G0a+mzdmnCWZOql1Al9H2qxD0zBzbM1QA5lYxWLX8jRiTVUCU66:KSa+mzdgZO5DDaAFLX8jRmUCU66
Score

10^/10

trickbot tot165 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2