trickbot

General

Target

JaffaCakes118_5da03613ba9cb0925514b32b8084b57457cc5e69450c57c9ca823d1dd1756c33
Size

441KB
Sample

241225-hmcvya1jep
MD5

2ec3c609fc0bece0a3dc2078d5decb2d
SHA1

db3d7bffd2093beebc4ebe2ed7958ae2c46205d5
SHA256

5da03613ba9cb0925514b32b8084b57457cc5e69450c57c9ca823d1dd1756c33
SHA512

014427d4128559c5100b338131b1da7b6d63f3afa68e5067cd70ae39264bbf705dcb18269a3978c21f5168982c1b8945ac91939ff98b2a893e10e47819313301
SSDEEP

6144:b5i+S+HIOoS/2z/6MDZovlV5J0vqxX2ARtXLAv66kCE0/7MmhT6kM2YxC29t2Uvu:mAjBkNOrzx2ATc6Hl0DMkTAKUVEHe3U

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

soh1

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  longblackbike.png
- Size
  
  652KB
- MD5
  
  186a0df18f884c288633dcb0de7c4e6c
- SHA1
  
  39916a131331358d545885c3db1248193e96c3f7
- SHA256
  
  4e0dbd32459e7bffdd7a4ccb8b6615a25f67bb5146d97103c4665614efc5f221
- SHA512
  
  862771ff52f01bdf2609fe7fb46c5194b5f109e1c225d033bc3517ac724bf2c922a6e9377ab27dcbb41e302b6d28338c40f786d87f86052602ee7d1aae61341d
- SSDEEP
  
  12288:P5g4A5St8G5/TMDhdnURcZdE+AoMmFspMoZZN3D:+4A5SX5TMNtDI+BFOz
Score

10^/10

trickbot soh1 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2