trickbot

General

Target

a6d5ea402f7152cc7d56942f6dab960b_JaffaCakes118
Size

575KB
Sample

241127-j6fllsvqb1
MD5

a6d5ea402f7152cc7d56942f6dab960b
SHA1

8733bd608c8ecf9ce1a97ef2d332d136f2f184a0
SHA256

c1516fd04cf95c6437a5f02d4715d1b034a4cc8edb71b487a3a0c0eb76fd0216
SHA512

fe73bd1c4b54c0a251c29f9eada71c9b47f16e8494a7c388111f9143a020a3c128934b2864366708e62e38d7a3725b4a1fbd5e2e550963f7707fcdd95464ad39
SSDEEP

12288:+7UffyoMiaBpylVC/SryA42E9VH8O1zdMNev6CP:+7UfKyS/SrD42EvcO1lvd

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

top127

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  a6d5ea402f7152cc7d56942f6dab960b_JaffaCakes118
- Size
  
  575KB
- MD5
  
  a6d5ea402f7152cc7d56942f6dab960b
- SHA1
  
  8733bd608c8ecf9ce1a97ef2d332d136f2f184a0
- SHA256
  
  c1516fd04cf95c6437a5f02d4715d1b034a4cc8edb71b487a3a0c0eb76fd0216
- SHA512
  
  fe73bd1c4b54c0a251c29f9eada71c9b47f16e8494a7c388111f9143a020a3c128934b2864366708e62e38d7a3725b4a1fbd5e2e550963f7707fcdd95464ad39
- SSDEEP
  
  12288:+7UffyoMiaBpylVC/SryA42E9VH8O1zdMNev6CP:+7UfKyS/SrD42EvcO1lvd
Score

10^/10

trickbot top127 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2