trickbot

General

Target

JaffaCakes118_ae7e42b29965763be9c1e49fa3e924c3d854732707e1736dcffe1991febf64cb
Size

2.2MB
Sample

241225-tt4g1sykhr
MD5

674d23df9aba5e6a7a726de9b65baa14
SHA1

9b988e00ff8cf20349f6e38783b9d0e943d01508
SHA256

ae7e42b29965763be9c1e49fa3e924c3d854732707e1736dcffe1991febf64cb
SHA512

85c28fbaf880561cd0f5bcc78d27c1ca9a8e01956091b8ef0dfcb00da819402c88b02d6cd9aa3f510afd9875dd47e532d4ff9519768a4b5837374e0fefbdb968
SSDEEP

6144:Zo0gTwr/cG3J8Wt/s1XGxfSCkq/vWc3Wh0lxPIerqhg:ZoidiofStJ

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100021

Botnet

rob142

C2

181.129.85.98:443

189.112.119.205:443

189.51.118.78:443

186.121.214.106:443

49.176.188.184:443

61.69.102.170:443

213.32.252.221:443

89.46.216.2:443

103.36.79.3:443

103.108.97.51:443

95.140.217.242:443

41.175.22.226:443

190.109.169.161:443

186.159.12.18:443

190.109.171.17:443

181.196.148.202:443

186.47.75.58:443

186.42.212.30:443

190.214.21.14:443

187.108.32.133:443

Attributes

autorun

ecc_pubkey.base64

1
RUNTMzAAAABbfmkJRvwyw7iFkX40hL2HwsUeOSZZZo0FRRWGkY6J1+gf3YKq13Ee4sY3Jb9/0myCr0MwzNK1K2l5yuY87nW29Q/yjMJG0ISDj0HNBC3G+ZGta6Oi9QkjCwnNGbw2hQ4=

Targets

- Target
  
  JaffaCakes118_ae7e42b29965763be9c1e49fa3e924c3d854732707e1736dcffe1991febf64cb
- Size
  
  2.2MB
- MD5
  
  674d23df9aba5e6a7a726de9b65baa14
- SHA1
  
  9b988e00ff8cf20349f6e38783b9d0e943d01508
- SHA256
  
  ae7e42b29965763be9c1e49fa3e924c3d854732707e1736dcffe1991febf64cb
- SHA512
  
  85c28fbaf880561cd0f5bcc78d27c1ca9a8e01956091b8ef0dfcb00da819402c88b02d6cd9aa3f510afd9875dd47e532d4ff9519768a4b5837374e0fefbdb968
- SSDEEP
  
  6144:Zo0gTwr/cG3J8Wt/s1XGxfSCkq/vWc3Wh0lxPIerqhg:ZoidiofStJ
Score

10^/10

trickbot rob142 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.