trickbot

General

Target

JaffaCakes118_c5769dfa8ef32b79c5fce1c42a2dda6bd6f4f5ad39d052cc966457e3cc92c124
Size

274KB
Sample

241224-yndfvswlam
MD5

21acd8574ff0d3f0c75692ce825ceab8
SHA1

003c70fd8099f6e9665ce6e80b11cf65e40963a1
SHA256

c5769dfa8ef32b79c5fce1c42a2dda6bd6f4f5ad39d052cc966457e3cc92c124
SHA512

61b2643fa6ad4744bf2615802f9a7656b22ca38e4e925a093c159cd9748731a78c3976838452364ea30533310bfa51f9adf650b85f73a4a5075becf11e807cba
SSDEEP

6144:WC/k9UOYc5TSoDrW57hIwgGlzJhRtUkMK7y:WChXArCrJhnUJK7y

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100011

Botnet

yas28

C2

194.5.249.156:443

142.202.191.164:443

193.8.194.96:443

45.155.173.242:443

108.170.20.75:443

185.163.45.138:443

94.140.114.136:443

134.119.186.202:443

200.52.147.93:443

45.230.244.20:443

186.250.157.116:443

186.137.85.76:443

36.94.62.207:443

182.253.107.34:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  hdpnl.bin
- Size
  
  416KB
- MD5
  
  6174a920b6765032af76114633d6aff8
- SHA1
  
  749c513030f68d1a11bc5dd9c9463b5b28ccbed4
- SHA256
  
  43bf403865a31b4b2628650b0dfd6486fd6b45e6ae2a52fa09433c3f5b7d3163
- SHA512
  
  3cef8f6ac42fb335097ad6ee62660d59d9c7cb56274ec3db21ae353557a04080dc2a738629d147fa1d149b5d480ea3c1841958a62f85882e51bf8e23bf836bc3
- SSDEEP
  
  6144:hJJXc3d7aQ2hSAjxqrMiYRTuzOys5yWYPMpemzE+c8MWnvzv6pRc:dXc3dLoSAorM5wMpe1OnvMR
Score

10^/10

discovery trickbot yas28 banker trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2