trickbot

General

Target

2a07bb23710b3a63adcc59633e091240525ffdd5d292610fc7853f0715a2292b
Size

860KB
Sample

240908-q6hvaszbjm
MD5

e984db73d897e1dc01ba1a53dec07120
SHA1

3e8d5b124296a263b220935a7a96404f04d6afa5
SHA256

2a07bb23710b3a63adcc59633e091240525ffdd5d292610fc7853f0715a2292b
SHA512

0047366e46c27ae595b030ed5395adb73b4589a7e50d6c37f1d1f33853e5dac8779685d934c01fa777be608ffed033cbbe898cb3d75230757252f4325810e9e9
SSDEEP

12288:HJ0a3zWbbybNJx6Aa7dNRZTDtRZaftsCf/xEnguU:BWyxJx6ZRZ3tR4ftsmNn

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100018

Botnet

tot101

C2

38.110.103.124:443

185.56.76.28:443

204.138.26.60:443

60.51.47.65:443

74.85.157.139:443

68.69.26.182:443

38.110.103.136:443

38.110.103.18:443

138.34.28.219:443

185.56.76.94:443

217.115.240.248:443

24.162.214.166:443

80.15.2.105:443

154.58.23.192:443

38.110.100.104:443

45.36.99.184:443

185.56.76.108:443

185.56.76.72:443

138.34.28.35:443

97.83.40.67:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  2a07bb23710b3a63adcc59633e091240525ffdd5d292610fc7853f0715a2292b
- Size
  
  860KB
- MD5
  
  e984db73d897e1dc01ba1a53dec07120
- SHA1
  
  3e8d5b124296a263b220935a7a96404f04d6afa5
- SHA256
  
  2a07bb23710b3a63adcc59633e091240525ffdd5d292610fc7853f0715a2292b
- SHA512
  
  0047366e46c27ae595b030ed5395adb73b4589a7e50d6c37f1d1f33853e5dac8779685d934c01fa777be608ffed033cbbe898cb3d75230757252f4325810e9e9
- SSDEEP
  
  12288:HJ0a3zWbbybNJx6Aa7dNRZTDtRZaftsCf/xEnguU:BWyxJx6ZRZ3tR4ftsmNn
Score

10^/10

trickbot tot101 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2