Keyword: trickbot
13 Total Search   |   Showing Results : 1 - 13
  
TRICKBOT
Trickbot is a banking trojan used in attacks usually against small- and medium-sized businesses. It is designed to access online accounts, especially bank accounts, to obtain Personally Identifiable Information (PII). The obtained data is mostly used...
Trickbot Strikes Via New Spam Wave
We have observed a new spam wave delivering Trickbot. This campaign uses spam mail with malicious attachments disguised as a Microsoft Excel file. The message contains fake payment notification, claiming to be from ...
EMOTET
Emotet first appeared in 2014 as a banking malware that attempted to infect computers and steal sensitive information. This malware mostly spreads by spam and phishing emails with infected attachments and embedded malicious URLs. It has worm-like cap...
CaseID-2412
TRICKBOT - Malicious certificate - SSL Detection Name: HTTPS_TRICKBOT_CERTIFICATE Malware Family: TRICKBOT Related Malware: N/A
21-016 (April 6, 2021)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DNS Client 1010784* - DNSmasq DNSSEC Out Of Bounds Write Vulnerability (CVE-2020-25687) DNS Server 1010613* - Identified DNS Trojan.Win32.Trickbot.Dns ...
20-063 (December 22, 2020)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DNS Server 1010633* - Identified DNS Trojan.Linux.Anchor.A Traffic 1010613* - Identified DNS Trojan.Win32.Trickbot.Dns Traffic 1010632* - Identifie...
20-059 (November 24, 2020)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DNS Server 1010613* - Identified DNS Trojan.Win32.Trickbot.Dns Traffic 1010633 - Malware Trojan.Linux.Anchor.A 1010632 - Malware Trojan.Win64.Ancho...
20-058 (November 17, 2020)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1010164* - Identified Possible Ransomware File Extension Create Activity Over Network Share 1007596* - Identified Possible Ransomwa...
Trojan.Win32.TRICKBOT.CFGX
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires its main component to succ...
Trojan.Win32.TRICKBOT.MDL
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires its main component to succ...
BAZAR
BAZAR is a loader and backdoor. The loader gives the attacker its initial foothold in the environment, while the backdoor establishes persistence. Together they give the attacker a chance to drop another payload such as ransomware and exploits that c...
Backdoor.Win64.ANCHOR.A
This is the Trend Micro detection for the backdoor installed by the PowerTrick post-exploitation toolkit believed to be developed by creators of Trickbot. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded u...
TSPY_TRICKLOAD.N
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It uses the Windows Task Scheduler to add a scheduled task that execu...