trickbot

General

Target

JaffaCakes118_c7587a308e45444909cf83541f37ab2e1b1745b9fc329e308d0e5a6562440c69
Size

421KB
Sample

241224-mg764svpbm
MD5

1c974a0a7c3444f7a67c8f279d8ab760
SHA1

ca79bc2a2ff53b7206b0cbd439cb0d6df4f014fd
SHA256

c7587a308e45444909cf83541f37ab2e1b1745b9fc329e308d0e5a6562440c69
SHA512

a000b2e27a3afe7f4e853f54b9e4f6c302401bbd036a258e67c8ae3004879bad3ff9d060c3bf3351a081bb59b7c91afba7235761d65a7243416d7a0986338523
SSDEEP

6144:DNnPQx0qXqPyxs8LvfPPQOoXaaS48oOU/6kZFCIabeqm5w/a3RvNxZbWf0Yarcl4:D94BaP8fPPwk4jZHxqW5vZb+QUq

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100014

Botnet

yas54

C2

68.201.55.46:443

71.42.188.85:443

50.197.243.125:443

70.119.149.64:443

71.66.92.190:443

137.27.148.14:443

156.19.152.218:443

73.103.36.158:443

67.212.241.178:443

65.158.28.70:443

96.88.45.25:443

50.84.233.214:443

73.6.0.166:449

50.75.131.6:443

72.128.158.51:443

104.4.84.130:443

108.161.11.44:443

75.118.158.174:443

67.48.50.58:443

47.51.21.82:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  maza54ter.exe
- Size
  
  652KB
- MD5
  
  06bab8c2471bf909b73801d1cb458678
- SHA1
  
  4a75cc936c0875bff1ccc167d2ec698305d12c3e
- SHA256
  
  055234a3607c09868727f44eb871614aba6b3b01ac60174501f127ca0be24642
- SHA512
  
  80a9d233c72d8d6035d3254c8237acd6b9f0308ddda4b2e4e936c85a22769306744ca60a47bcdc2871fc5da5379ce4bab89e6d33d0259dcd1c1155ec050124e6
- SSDEEP
  
  12288:0GrOiraom1pPA1sGPdqdr6NuR4BKbydWwkBnO7WlK:RhaH1pPYdurWuReqh0WU
Score

10^/10

trickbot yas54 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2