Latest cyber-attack from the TrickBot malware family that steals customers’ online banking information
SonicWall Capture Labs Threat Research Team recently found a new variant sample and activity in June for the TrickBot malware family. This family has been well known for many years and is mainly focused on stealing victims’ online banking information. This variant was written by skilled developers who wrapped its core functionality in a “Squirrel Shooting Game” code base to throw off initial analysis. TrickBot is often called a banker; however, its modular structure allows it to add new functionality freely without modifying the core bot. This particular variant uses an RSA encryption scheme to protect certain areas of its core code, along with custom XOR-encrypted strings. TrickBot can also continually update itself by downloading new modules from the C&C server and can change its configuration on the fly.
[Image: the game-wrapped malware]
The game wrapper serves only as an analysis trick to throw off security researchers and others who try to analyze the code base. The game code never executes.
The longer the sample is able to run, the more IP addresses are generated and connected to. During initial analysis we saw the sample connect to over ten IPs. As you close each connection, the sample seems to automatically rotate the IP addresses that are established.
The commands that are executed will disable RealtimeMonitoring, stop the service “WinDefend”, and try to delete the service after it’s terminated. Once finished, the sample executes a new process called “teut.exe”, which is the original .exe above, just in a new location.
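The following added example, which is not from the SonicWall write-up, runs detection logic over constructed process-creation events for the behavior described above: the three Defender-tampering steps in order, followed by the same binary (by hash) starting from a new path. The command-line forms, event fields, hash placeholders and every path other than the name teut.exe are assumptions.

```python
import re
from collections import defaultdict

# Assumed command-line forms for the three steps; the article names only the effects.
STEPS = [
    ("disable_realtime", re.compile(r"DisableRealtimeMonitoring\s+(\$true|1)\b", re.I)),
    ("stop_service", re.compile(r"\bsc(\.exe)?\s+stop\s+WinDefend\b", re.I)),
    ("delete_service", re.compile(r"\bsc(\.exe)?\s+delete\s+WinDefend\b", re.I)),
]

def ev(host, ts, image, cmd, sha256):
    return {"host": host, "ts": ts, "image": image, "cmd": cmd, "sha256": sha256}

# Constructed events; hashes are placeholders and paths are hypothetical.
SAMPLE_EVENTS = [
    ev("ws1", 0, r"C:\Users\a\Downloads\sample.exe", "sample.exe", "HASH_SAMPLE"),
    ev("ws1", 5, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
       "powershell Set-MpPreference -DisableRealtimeMonitoring $true", "HASH_PS"),
    ev("ws1", 9, r"C:\Windows\System32\sc.exe", "sc stop WinDefend", "HASH_SC"),
    ev("ws1", 12, r"C:\Windows\System32\sc.exe", "sc delete WinDefend", "HASH_SC"),
    ev("ws1", 20, r"C:\Users\a\AppData\Roaming\teut.exe", "teut.exe", "HASH_SAMPLE"),
    ev("ws2", 3, r"C:\Windows\System32\sc.exe", "sc stop WinDefend", "HASH_SC"),
]

def detect(events, window=300):
    """Return (host, alert) pairs for the tamper sequence and a same-hash relaunch."""
    alerts, tampered = [], set()
    step_ts = defaultdict(dict)      # host -> step name -> last timestamp seen
    first_path = defaultdict(dict)   # host -> sha256 -> first image path seen
    for e in sorted(events, key=lambda e: (e["host"], e["ts"])):
        host = e["host"]
        for name, rx in STEPS:
            if rx.search(e["cmd"]):
                step_ts[host][name] = e["ts"]
        seq = [step_ts[host].get(name) for name, _ in STEPS]
        # All three steps seen, in the described order, inside the time window.
        if host not in tampered and None not in seq \
                and seq == sorted(seq) and seq[-1] - seq[0] <= window:
            tampered.add(host)
            alerts.append((host, "defender_tamper_sequence"))
        # Same binary (by hash) starting from a different path after tampering.
        orig = first_path[host].setdefault(e["sha256"], e["image"])
        if host in tampered and orig.lower() != e["image"].lower():
            alerts.append((host, "same_hash_new_path:" + e["image"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

A single `sc stop WinDefend` on its own, as on the constructed host ws2, does not alert; only the full ordered sequence inside the window does.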