TrickBot malware

GPTKB entity

Statements (36)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities data exfiltration; modular architecture; credential theft; lateral movement; ransomware delivery; spreading via networks
gptkbp:alias gptkb:TrickLoader; gptkb:TheTrick; trickster
gptkbp:associatedWith gptkb:Conti_ransomware; gptkb:Ryuk_ransomware
gptkbp:discoveredBy 2016
gptkbp:distributedBy gptkb:Emotet_malware; malicious email attachments; malicious links
gptkbp:exploits gptkb:EternalBlue_vulnerability; SMB vulnerabilities
https://www.w3.org/2000/01/rdf-schema#label TrickBot malware
gptkbp:notableEvent disrupted by Microsoft and partners in 2020; infrastructure taken down in 2022
gptkbp:origin Russia-linked cybercriminals
gptkbp:purpose banking credential theft
gptkbp:status disrupted; still active in some variants as of 2023
gptkbp:target gptkb:Windows_operating_systems
gptkbp:type trojan
gptkbp:usedFor cybercrime; ransomware attacks; information stealing; botnet operations
gptkbp:writtenBy gptkb:JavaScript; gptkb:PowerShell; gptkb:C++
gptkbp:bfsParent gptkb:Wizard_Spider_group
gptkbp:bfsLayer 6