trickbot

General

Target

70e174bd12c86d43854717f99cfc1562d53871519a61e9d226bedce89c906e7a
Size

516KB
Sample

241009-lgqfmavakj
MD5

b9ef3c9986151bc18853d1d7572bfb2a
SHA1

d2a66a06c4c8e0590f8c2516a440db5f966f16c0
SHA256

70e174bd12c86d43854717f99cfc1562d53871519a61e9d226bedce89c906e7a
SHA512

cb9d7e879ba318992a6a0728cdcb4f8a827fefe91f306979e17fcd389fde981dde2769935584ac7061c56ac35dfed340ff73126c104e100c0b9ff431ed770b31
SSDEEP

12288:VE2DFZrTO3X+3jLOBWTNvFD1VeubeMl2005W7eQT:VrrTO3u3WwZv91VeAlXw

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100018

Botnet

sat2

C2

38.110.103.124:443

185.56.76.28:443

204.138.26.60:443

60.51.47.65:443

74.85.157.139:443

68.69.26.182:443

38.110.103.136:443

38.110.103.18:443

138.34.28.219:443

185.56.76.94:443

217.115.240.248:443

24.162.214.166:443

80.15.2.105:443

154.58.23.192:443

38.110.100.104:443

45.36.99.184:443

185.56.76.108:443

185.56.76.72:443

138.34.28.35:443

97.83.40.67:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

1
RUNTMzAAAABbfmkJRvwyw7iFkX40hL2HwsUeOSZZZo0FRRWGkY6J1+gf3YKq13Ee4sY3Jb9/0myCr0MwzNK1K2l5yuY87nW29Q/yjMJG0ISDj0HNBC3G+ZGta6Oi9QkjCwnNGbw2hQ4=

Targets

- Target
  
  70e174bd12c86d43854717f99cfc1562d53871519a61e9d226bedce89c906e7a
- Size
  
  516KB
- MD5
  
  b9ef3c9986151bc18853d1d7572bfb2a
- SHA1
  
  d2a66a06c4c8e0590f8c2516a440db5f966f16c0
- SHA256
  
  70e174bd12c86d43854717f99cfc1562d53871519a61e9d226bedce89c906e7a
- SHA512
  
  cb9d7e879ba318992a6a0728cdcb4f8a827fefe91f306979e17fcd389fde981dde2769935584ac7061c56ac35dfed340ff73126c104e100c0b9ff431ed770b31
- SSDEEP
  
  12288:VE2DFZrTO3X+3jLOBWTNvFD1VeubeMl2005W7eQT:VrrTO3u3WwZv91VeAlXw
Score

10^/10

trickbot sat2 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.