trickbot

General

Target

JaffaCakes118_0cbd76546cb6c5b03e8e0ce275397fa9f97e0860de13153decf08d31109375d3
Size

440KB
Sample

241224-dcppjazqcn
MD5

26edb120367bf059c98b9debd323c91f
SHA1

66fd41f8692558beec006c64e31d418e4a8be53f
SHA256

0cbd76546cb6c5b03e8e0ce275397fa9f97e0860de13153decf08d31109375d3
SHA512

d1ab23967b3699780f0d38ffb59d1dc3c1c657095c8cc74ea42244218d4b24f322c074c546fc2756933f9c4f56089ad87c70dc1f79ff878ba9cd7ef9db9eecaf
SSDEEP

6144:v5+iRFTkRhO9SErtZtfherliYSuTNpBRaj4gzaxCdKJjWJFWMaDTX3H:JFTkCtZTm4EBpL0zacMScx7

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

rob141

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  JaffaCakes118_0cbd76546cb6c5b03e8e0ce275397fa9f97e0860de13153decf08d31109375d3
- Size
  
  440KB
- MD5
  
  26edb120367bf059c98b9debd323c91f
- SHA1
  
  66fd41f8692558beec006c64e31d418e4a8be53f
- SHA256
  
  0cbd76546cb6c5b03e8e0ce275397fa9f97e0860de13153decf08d31109375d3
- SHA512
  
  d1ab23967b3699780f0d38ffb59d1dc3c1c657095c8cc74ea42244218d4b24f322c074c546fc2756933f9c4f56089ad87c70dc1f79ff878ba9cd7ef9db9eecaf
- SSDEEP
  
  6144:v5+iRFTkRhO9SErtZtfherliYSuTNpBRaj4gzaxCdKJjWJFWMaDTX3H:JFTkCtZTm4EBpL0zacMScx7
Score

10^/10

trickbot rob141 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2