Something strange is going on with Trickbot
Tags
| attack-pattern: | Direct Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | ed685edb-4fb5-4bba-b56e-21b9ccec5a40 |
| Fingerprint | ed242ff920c707d4 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 24, 2022, midnight |
| Added to db | Aug. 31, 2024, 4:44 a.m. |
| Last updated | Dec. 19, 2024, 6:07 p.m. |
| Headline | Something strange is going on with Trickbot |
| Title | Something strange is going on with Trickbot |
| Detected Hints/Tags/Attributes | 40/1/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://intel471.com/blog/trickbot-2022-emotet-bazar-loader |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 138 | ✔ | Intel471 | https://intel471.com/blog/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1 | 59emotic1.jpg |
|
| Details | File | 1 | fortiplan1.gif |
|
| Details | File | 2 | loader_90563_1.dll |
|
| Details | File | 1 | stager2.dll |
|
| Details | IPv4 | 2 | 66.85.173.43 |
|
| Details | IPv4 | 2 | 104.193.252.221 |
|
| Details | IPv4 | 3 | 141.94.176.124 |
|
| Details | IPv4 | 1 | 46.30.41.173 |
|
| Details | Url | 1 | http://66.85.173.43/59emotic1.jpg |
|
| Details | Url | 1 | http://104.193.252.221/fortiplan1.gif |
|
| Details | Url | 3 | http://141.94.176.124/loader_90563_1.dll |
|
| Details | Url | 1 | http://46.30.41.173/stager2.dll |