trickbot

General

Target

JaffaCakes118_3e6ba8737617bd1b095fa2d8d46bf4d9a97ccb1b52a27e7af77f04fe2653c9e8
Size

1.7MB
Sample

241230-v52cgatnbt
MD5

72428e8222d8de75a6516bd98e432e78
SHA1

57f0332a1d6759521eec3504eb67d85bdd726735
SHA256

3e6ba8737617bd1b095fa2d8d46bf4d9a97ccb1b52a27e7af77f04fe2653c9e8
SHA512

2899179c6e8d30b7ec417950327a8d50ecf991f5992eb49fec030b87cddb7a47045ef61603b0324a2db30d7410a15ad6cdb58091b5cc72f54b511ae765744619
SSDEEP

1536:bHsZePiJlBAOF7aOds8hZ9HM6ZQZC1bxBdsvg8+FdLW2cnDC525qAFdhz3mnpkV9:IgGxF+r8j9nmU1/dE

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

rob141

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  JaffaCakes118_3e6ba8737617bd1b095fa2d8d46bf4d9a97ccb1b52a27e7af77f04fe2653c9e8
- Size
  
  1.7MB
- MD5
  
  72428e8222d8de75a6516bd98e432e78
- SHA1
  
  57f0332a1d6759521eec3504eb67d85bdd726735
- SHA256
  
  3e6ba8737617bd1b095fa2d8d46bf4d9a97ccb1b52a27e7af77f04fe2653c9e8
- SHA512
  
  2899179c6e8d30b7ec417950327a8d50ecf991f5992eb49fec030b87cddb7a47045ef61603b0324a2db30d7410a15ad6cdb58091b5cc72f54b511ae765744619
- SSDEEP
  
  1536:bHsZePiJlBAOF7aOds8hZ9HM6ZQZC1bxBdsvg8+FdLW2cnDC525qAFdhz3mnpkV9:IgGxF+r8j9nmU1/dE
Score

10^/10

trickbot rob141 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2