trickbot

General

Target

JaffaCakes118_f769cda26a6a7a249233189bb477934a7edc29a2a72c9cc42b8fbca652882475
Size

298KB
Sample

241222-flshwsvleq
MD5

870d390d882d80ad2145aa52590caa5e
SHA1

e39d702a6d475d6d9196db9c7fc1ccb881e6c226
SHA256

f769cda26a6a7a249233189bb477934a7edc29a2a72c9cc42b8fbca652882475
SHA512

aae71d85b7edd285622a31baf3db97c3fc3769864565e49b104de8a1a635963d5007d8e5b9f8e18c78dbd3ba170f046c92ad286dce735b64fa4911ee1752bf31
SSDEEP

6144:738iYVOIzE4iqRXv02EzUcFLxjTgF+CtZzBc9E4QVaRolc2R:738nVtisv05BEtZz2GVaReTR

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

soh1

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  575874452154518937779ef801d942d1d8637057ddd0d205ac51dc8eeac82dc3
- Size
  
  638KB
- MD5
  
  0400f279242b24ec0a704a6c59aceef6
- SHA1
  
  7f3d1a743f265f827e74a4a68ca4afab54ccc1bd
- SHA256
  
  575874452154518937779ef801d942d1d8637057ddd0d205ac51dc8eeac82dc3
- SHA512
  
  4c138efe182cea30c89dbdf57c049f64d45804fa878a30f3ed3cf5f9c973a4582d1e7cc4f95bb971cb123e273a4a332e3d4de08112eeeb0f1cade467902b82b2
- SSDEEP
  
  12288:7SVsIYtTAaftKj5KBOlDvwJwDiZFI/6cagPhePyMWmJF0/S9MS4xJNM4hqgNlLi:GVsIctKNrlDSwDiICcagPjMWmJF0pS4P
Score

10^/10

trickbot soh1 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2