Skip to content

Latest commit

 

History

History
50 lines (46 loc) · 4.93 KB

trickbot.md

File metadata and controls

50 lines (46 loc) · 4.93 KB
Raw
ID X0025
Aliases None
Platforms Windows
Year 2016
Associated ATT&CK Software TrickBot

TrickBot

Trojan spyware program that has mainly been used for targeting banking sites. TrickBot is written in the C++ programming language.

Behaviors

Name Use
Account Discovery See ATT&CK: TrickBot - Techniques Used
Non-Standard Port See ATT&CK: TrickBot - Techniques Used
Credentials from Password Stores::Credentials from Web Browsers See ATT&CK: TrickBot - Techniques Used
Unsecured Credentials::Credentials In Files See ATT&CK: TrickBot - Techniques Used
Unsecured Credentials::Credentials in Registry See ATT&CK: TrickBot - Techniques Used
Encrypted Channel See ATT&CK: TrickBot - Techniques Used
Data from Local System See ATT&CK: TrickBot - Techniques Used
Deobfuscate/Decode Files or Information See ATT&CK: TrickBot - Techniques Used
Disable or Evade Security Tools See ATT&CK: TrickBot - Techniques Used
Domain Trust Discovery See ATT&CK: TrickBot - Techniques Used
Email Collection See ATT&CK: TrickBot - Techniques Used
Native API See ATT&CK: TrickBot - Techniques Used
File and Directory Discovery See ATT&CK: TrickBot - Techniques Used
Hooking See ATT&CK: TrickBot - Techniques Used
Man in the Browser See ATT&CK: TrickBot - Techniques Used
Modify Registry See ATT&CK: TrickBot - Techniques Used
Obfuscated Files or Information See ATT&CK: TrickBot - Techniques Used
Process Injection See ATT&CK: TrickBot - Techniques Used
Registry Run Keys / Startup Folder See ATT&CK: TrickBot - Techniques Used
Remote File Copy See ATT&CK: TrickBot - Techniques Used
Scheduled Task/Job See ATT&CK: TrickBot - Techniques Used
Command and Scripting Interpreter See ATT&CK: TrickBot - Techniques Used
Executable Code Obfuscation See ATT&CK: TrickBot - Techniques Used
Send Email See ATT&CK: TrickBot - Techniques Used
Application Layer Protocol See ATT&CK: TrickBot - Techniques Used
System Information Discovery See ATT&CK: TrickBot - Techniques Used
System Network Configuration Discovery See ATT&CK: TrickBot - Techniques Used
System Service Discovery See ATT&CK: TrickBot - Techniques Used
Non-Standard Port See ATT&CK: TrickBot - Techniques Used
User Interaction See ATT&CK: TrickBot - Techniques Used

References