trickbot

General

Target

JaffaCakes118_94cd8c39be0d9f02f0bec003cce28c4a05877f7606ce86b4afe48febbe841957
Size

391KB
Sample

241221-x5gn6sxldz
MD5

4e748fd435202f5a66e4f32da9930eae
SHA1

3c096ddf05e60da54e37829a6c7f853107eaddac
SHA256

94cd8c39be0d9f02f0bec003cce28c4a05877f7606ce86b4afe48febbe841957
SHA512

69002db2da0d68fba32149e5709177d2a4e04a80bb4866fa2c770f8e9e47a7327c798af248730814eb1c8c6f3d432bfe684736634b7ad4052cf645b551fa8020
SSDEEP

12288:1IVWY8m5w56qaLm+ojXuR45lmGbPukE74:aVWYSaojXuG5NbukEs

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

top119

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  abe54c4ac7b989caf521eba9204f6556a1aea8febede001257acbafb8ead5bbb
- Size
  
  820KB
- MD5
  
  0d1eb646c452eab558bcbe85c60a9a10
- SHA1
  
  4491138ddc1927a3f1947c29135cf51b2aaa22c4
- SHA256
  
  abe54c4ac7b989caf521eba9204f6556a1aea8febede001257acbafb8ead5bbb
- SHA512
  
  c4f9a42592aa78e02cbda1cb5f9bc1b2d2f1e1879a8c155e261d38c74bc6bd21427fe3e7e2c8a3ea9e4713a87b1989bf1823adf2d8a61eeb692dda3a463969d2
- SSDEEP
  
  12288:QFuLe4nHJm79H5k51MKd3GydYLMcOCWvnJi7:QFF4nHJo4ZbnJc
Score

10^/10

trickbot top119 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2