trickbot

General

Target

JaffaCakes118_ae0145b4227e7245c15fc08f587b75100183e3d083bc6df7f960b518d7d05942
Size

298KB
Sample

241222-ftvm8avpdj
MD5

9a6552844341baef225f03fa2815a6be
SHA1

0306eb2bf30cd756183d70be3c7d81af067e526c
SHA256

ae0145b4227e7245c15fc08f587b75100183e3d083bc6df7f960b518d7d05942
SHA512

ef91bc9ca74ed955acb766dbc94129cbedba71ca4308c9a738b798c4ee82dbf6e1b3cd9666deafe54c9b42af3b6a8420167a914cdeda8eacb9e3ad09bf0c5ec0
SSDEEP

6144:Q0c3JACWCA4jrshBJeaF21eO9yQ1NGi4KtMKfXoJS8qJNpO7jJY9rYEb6AU:Q0c3JACWCZnaJ5Q1NGzsY08cO7mrnTU

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

soc1

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  soccer.png
- Size
  
  668KB
- MD5
  
  a18d91ebc7db5a395afe5fe74fe826e2
- SHA1
  
  ae5194737048998509a56cbb55c04dbe9cce800b
- SHA256
  
  7464624835f5d5a1670ce4be5d492541c68979869752c7da98c03c9aa605e167
- SHA512
  
  2acc332b8c94f58b6629944659a2a06b85f9fe82e75aff777a114158bb4b8175aefb14995158f4ac897366b3cb776982550f5355e9fe2ad7ff74f68936b41ceb
- SSDEEP
  
  6144:1uNDZo15/Lb175yZhtHQqPm52aYYiHx/874uQYKJHD4YvYrde7:qDSHL575qLP0tKJHT1
Score

10^/10

trickbot soc1 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2