trickbot

General

Target

3ee90c04463266c4915e5e43ba816681_JaffaCakes118
Size

384KB
Sample

241013-kr6d6asdqn
MD5

3ee90c04463266c4915e5e43ba816681
SHA1

960105eca81a436de711293af102d6372af1e5f2
SHA256

0dc402a175731a74019b53f4c529d1af6d42b5756265b310a0a60a3df56142b4
SHA512

9151cce44395f36fb11f4405e3f518ae54c872d8b607038990f351eff2a765103c297aadf59d5e39219c04e41d0161ded78040d2756c88c211df26fdcdc75c82
SSDEEP

6144:8vxsx9EI2GE+pzvzAyklBUAVZCpBjfcQ963M6FGzEoQAk6:Kxs9EggUAVZCsQ4/EEoY6

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000033

Botnet

tot155

C2

179.42.137.102:443

191.36.152.198:443

179.42.137.104:443

179.42.137.106:443

179.42.137.108:443

202.183.12.124:443

194.190.18.122:443

103.56.207.230:443

171.103.187.218:449

171.103.189.118:449

18.139.111.104:443

179.42.137.105:443

186.4.193.75:443

171.101.229.2:449

179.42.137.107:443

103.56.43.209:449

179.42.137.110:443

45.181.207.156:443

197.44.54.162:449

179.42.137.109:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  3ee90c04463266c4915e5e43ba816681_JaffaCakes118
- Size
  
  384KB
- MD5
  
  3ee90c04463266c4915e5e43ba816681
- SHA1
  
  960105eca81a436de711293af102d6372af1e5f2
- SHA256
  
  0dc402a175731a74019b53f4c529d1af6d42b5756265b310a0a60a3df56142b4
- SHA512
  
  9151cce44395f36fb11f4405e3f518ae54c872d8b607038990f351eff2a765103c297aadf59d5e39219c04e41d0161ded78040d2756c88c211df26fdcdc75c82
- SSDEEP
  
  6144:8vxsx9EI2GE+pzvzAyklBUAVZCpBjfcQ963M6FGzEoQAk6:Kxs9EggUAVZCsQ4/EEoY6
Score

10^/10

trickbot tot155 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2