trickbot

General

Target

5fe70870aca00b87600095b4f0ef1e229bbcf74eab23dfe575cb634f5b44f35d
Size

516KB
Sample

241026-wwzb7avmbp
MD5

581e2cf940d673b9ccdb76169fef2546
SHA1

4fd4a77e1041254a9a2d2dcfcf17cd719bf83b47
SHA256

5fe70870aca00b87600095b4f0ef1e229bbcf74eab23dfe575cb634f5b44f35d
SHA512

0e6e051599d7942dbe13477fa60a6befa04253879283945cbbc44eaaa9577f3d6670abc478ed82e08adc34a07d5ae5fd72cf32ae33eee1d442efc85a4236ebc3
SSDEEP

12288:VE2DFZrTO3XN3jLOBWTNvFD1VeubeMl2005W7eQT:VrrTO393WwZv91VeAlXw

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100018

Botnet

sat2

C2

38.110.103.124:443

185.56.76.28:443

204.138.26.60:443

60.51.47.65:443

74.85.157.139:443

68.69.26.182:443

38.110.103.136:443

38.110.103.18:443

138.34.28.219:443

185.56.76.94:443

217.115.240.248:443

24.162.214.166:443

80.15.2.105:443

154.58.23.192:443

38.110.100.104:443

45.36.99.184:443

185.56.76.108:443

185.56.76.72:443

138.34.28.35:443

97.83.40.67:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  5fe70870aca00b87600095b4f0ef1e229bbcf74eab23dfe575cb634f5b44f35d
- Size
  
  516KB
- MD5
  
  581e2cf940d673b9ccdb76169fef2546
- SHA1
  
  4fd4a77e1041254a9a2d2dcfcf17cd719bf83b47
- SHA256
  
  5fe70870aca00b87600095b4f0ef1e229bbcf74eab23dfe575cb634f5b44f35d
- SHA512
  
  0e6e051599d7942dbe13477fa60a6befa04253879283945cbbc44eaaa9577f3d6670abc478ed82e08adc34a07d5ae5fd72cf32ae33eee1d442efc85a4236ebc3
- SSDEEP
  
  12288:VE2DFZrTO3XN3jLOBWTNvFD1VeubeMl2005W7eQT:VrrTO393WwZv91VeAlXw
Score

10^/10

trickbot sat2 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2