trickbot

General

Target

JaffaCakes118_489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316
Size

217KB
Sample

241225-st3p2swrgp
MD5

f8f47764f5b13c65987da4208c29a25e
SHA1

5a5a1a5ddacd3808435cb2db896fd0c11e0388bd
SHA256

489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316
SHA512

0056c963665f57b9cafe443a9b7596e2af50ff28353d55ef9293904675eefb3f328bf1470adabcc38766733cc9177f0e7125278771200f4f0b2e6c656f36638b
SSDEEP

6144:P7yxicJkHct0qcAsMot4h2vuufXigJsSbf:PeZrt9sMoy8vuutJsSj

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

2000022

Botnet

mor1

C2

85.204.116.83:443

91.200.100.143:443

83.151.14.13:443

107.191.61.39:443

113.160.129.15:443

139.162.182.54:443

139.162.44.152:443

144.202.106.23:443

158.247.219.186:443

172.105.107.25:443

172.105.190.51:443

172.105.196.53:443

172.105.25.190:443

178.79.138.253:443

192.46.229.48:443

207.246.92.48:443

216.128.130.16:443

45.79.126.97:443

45.79.155.9:443

45.79.212.97:443

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  JaffaCakes118_489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316
- Size
  
  217KB
- MD5
  
  f8f47764f5b13c65987da4208c29a25e
- SHA1
  
  5a5a1a5ddacd3808435cb2db896fd0c11e0388bd
- SHA256
  
  489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316
- SHA512
  
  0056c963665f57b9cafe443a9b7596e2af50ff28353d55ef9293904675eefb3f328bf1470adabcc38766733cc9177f0e7125278771200f4f0b2e6c656f36638b
- SSDEEP
  
  6144:P7yxicJkHct0qcAsMot4h2vuufXigJsSbf:PeZrt9sMoy8vuutJsSj
Score

10^/10

trickbot mor1 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2