trickbot

General

Target

2025-01-31_816212eb0b794c181976b9f7390a9c4f_mafia
Size

1.1MB
Sample

250131-s6ylvszlft
MD5

816212eb0b794c181976b9f7390a9c4f
SHA1

a4bdc434601084b6cb7450e9a0f5138ba2e4a815
SHA256

4b5d2f4d6d2ce056f1d048ef939bc2b31aa18953735b4d2cee6a0b08bcbd38f7
SHA512

af9775dd151a5f74629ef8a8bba28e05781f5f21cb91027714dec136c690f58f05dd3574fe34b5e59c3af78167a31eb1177c8fd416dce74b293216412d40377d
SSDEEP

24576:U8c4u1W6uhk+h5P7d3BFMukWMG+gcXh6dvrBV1gerPxHxmbuio8Tk3Qy0HyNtK3p:rZug6uq+hMTG+g+h6dvrBV1gerPxHxmf

Score

10^/10

Malware Config

Extracted

Family

trickbot

Version

100018

Botnet

rob110

C2

38.110.103.124:443

185.56.76.28:443

204.138.26.60:443

60.51.47.65:443

74.85.157.139:443

68.69.26.182:443

38.110.103.136:443

38.110.103.18:443

138.34.28.219:443

185.56.76.94:443

217.115.240.248:443

24.162.214.166:443

80.15.2.105:443

154.58.23.192:443

38.110.100.104:443

45.36.99.184:443

185.56.76.108:443

185.56.76.72:443

138.34.28.35:443

97.83.40.67:443

Attributes

autorun
Name:pwgrabb
Name:pwgrabc

ecc_pubkey.base64

Targets

- Target
  
  2025-01-31_816212eb0b794c181976b9f7390a9c4f_mafia
- Size
  
  1.1MB
- MD5
  
  816212eb0b794c181976b9f7390a9c4f
- SHA1
  
  a4bdc434601084b6cb7450e9a0f5138ba2e4a815
- SHA256
  
  4b5d2f4d6d2ce056f1d048ef939bc2b31aa18953735b4d2cee6a0b08bcbd38f7
- SHA512
  
  af9775dd151a5f74629ef8a8bba28e05781f5f21cb91027714dec136c690f58f05dd3574fe34b5e59c3af78167a31eb1177c8fd416dce74b293216412d40377d
- SSDEEP
  
  24576:U8c4u1W6uhk+h5P7d3BFMukWMG+gcXh6dvrBV1gerPxHxmbuio8Tk3Qy0HyNtK3p:rZug6uq+hMTG+g+h6dvrBV1gerPxHxmf
Score

10^/10

trickbot rob110 banker discovery trojan
- Trickbot
  Developed in 2016, TrickBot is one of the more recent banking Trojans.
  trojan banker trickbot
- Trickbot family
  trickbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Trickbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2