{
  "name": "Expanding the Investigation: Deep Dive into Latest TrickMo Samples",
  "slug": "expanding-the-investigation-deep-dive-into-latest-trickmo-samples",
  "description": "This report analyzes 40 recent variants of the banking trojan TrickMo, uncovering novel capabilities such as stealing unlock patterns or PINs and geolocating victims. It examines the malware's advanced features, including credential theft, data exfiltration, and command-and-control mechanisms. The report also identifies the primary targets, based on geolocated IP addresses, as well as the most targeted application types, providing insight into the threat actor's operations.",
  "published": "2024-10-15T07:25:00+00:00",
  "created_at": "2024-10-15T07:25:00+00:00",
  "modified_at": "2024-10-15T07:46:02+00:00",
  "created_at_opencti": "2024-10-15T07:25:00+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-10-15",
    "android",
    "banking trojan",
    "otp interception",
    "overlay attacks",
    "trickmo"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "http://shapr-3d.cn.com"
      },
      {
        "id": "",
        "name": "http://paramed.cn.com"
      },
      {
        "id": "",
        "name": "http://meshuggah.cn.com"
      },
      {
        "id": "",
        "name": "http://exchange-secure.cn.com"
      },
      {
        "id": "",
        "name": "http://adobtone.cn.com"
      },
      {
        "id": "",
        "name": "http://au-logon-login-page.group"
      },
      {
        "id": "",
        "name": "http://wicki-wicki.cn.com/c"
      },
      {
        "id": "",
        "name": "http://starnow.cn.com/c"
      },
      {
        "id": "",
        "name": "http://stagepool.cn.com/c"
      },
      {
        "id": "",
        "name": "http://oxydant.cn.com/c"
      },
      {
        "id": "",
        "name": "http://mikrotik.cn.com/c"
      },
      {
        "id": "",
        "name": "http://gofirst.cn.com/c"
      },
      {
        "id": "",
        "name": "http://chiggers.cn.com/c"
      },
      {
        "id": "",
        "name": "http://letsencryp.at/c"
      },
      {
        "id": "",
        "name": "http://keepass.ltd/c"
      },
      {
        "id": "",
        "name": "http://itwww.org/c"
      },
      {
        "id": "",
        "name": "http://dowhatyouwant.group/c"
      },
      {
        "id": "",
        "name": "trustmode.at"
      },
      {
        "id": "",
        "name": "everythingispossible.group"
      },
      {
        "id": "",
        "name": "products-receiver.group"
      },
      {
        "id": "",
        "name": "ff687eb2cad1bc2832d5d76ac2b4e82f5be19b6673a55cf1badeef3c8a10dd57"
      },
      {
        "id": "",
        "name": "fc12d94573bb1a9f02ce8beec6d54c9e9da13407785a22f06c13aad510608239"
      },
      {
        "id": "",
        "name": "f5133797791e31ea1ad07f8d332d49808ced951dfa7fbeb04f18a6ee0df3b25e"
      },
      {
        "id": "",
        "name": "f1401e63b56fc8f013b5222139f8e2d663dfc03475d6f9cb5dd1c0a65466e598"
      },
      {
        "id": "",
        "name": "edbef1be12821b7bcf37476dbd06e03171926c4c85791540d1e0385cfde53e4b"
      },
      {
        "id": "",
        "name": "ebf99d6499753df9fbcc24f6ef48aef692d38cd7165b7418fef46eced7580683"
      },
      {
        "id": "",
        "name": "ebaa8272ad57fe74a2c4d6176e5a411faad2da846a9692754e5e8d65d8830f39"
      },
      {
        "id": "",
        "name": "e70071ccf0f45073158a2cea7beb5bd76d669f265c2112162c34b11f1e4e75c8"
      },
      {
        "id": "",
        "name": "e81f26ac05a84b7178d029038851a07ac5f8e2c9867471ff96ff5d5526a24bb2"
      },
      {
        "id": "",
        "name": "e67a0233f198c07cfe1a72537f5ddc1a48f344b47cc5232e4528f467d0fbc61e"
      },
      {
        "id": "",
        "name": "e487220af118492bc69fffaf6755bcf89cc668ac9611956def38bdf8725643e4"
      },
      {
        "id": "",
        "name": "e2ff976dc5db6a8b856d4c2a4f0b02d12bf31fa738b84df6ca504dbfac2bbd72"
      },
      {
        "id": "",
        "name": "e27d8b356dcd516be1ac389019aa813261bb320d15fd3216857a98a0b8942c0c"
      },
      {
        "id": "",
        "name": "e0f06bd5537fc0dd6e4c6a97310f74e60f04c6d8b1f4a7a9219221aafaf4f217"
      },
      {
        "id": "",
        "name": "ddc65d96a0022ed640bdbe174582e337218fd4f7114254504952e5bb94ea1851"
      },
      {
        "id": "",
        "name": "d4d5751f6b6e28f03cad4fafd9e2755af937535f4485d7ea43cd069e97429807"
      },
      {
        "id": "",
        "name": "d300f7f268d3366df4ad6e616cbd4854635dafb393de8315aaf1cfa53d7d3db1"
      },
      {
        "id": "",
        "name": "cbb64e62f4a63c40bf2a214353213381f9a8a1087b66f8adec741f075ab20df6"
      },
      {
        "id": "",
        "name": "d074a8dc94c46bdf9567bf030f3674c93fd3b92e0c5ad59ee3494172dc006857"
      },
      {
        "id": "",
        "name": "ba25744487f1f3b4b5a63aa93a0a38eefe6d502baf3f7eeeac53efe906006b1a"
      },
      {
        "id": "",
        "name": "b999e1fba128507ff2a751d025b923f60801fe0f3011f31dd691b989e120ead0"
      },
      {
        "id": "",
        "name": "b90923c0e5149b068faa19ef5c77128edd6c477d91e2fca6c1c9ab4d5179fc8f"
      },
      {
        "id": "",
        "name": "b4b92db35c432ce3844c5772b60c082aa39ad2a2135490e4cc2f5dd4c2daada0"
      },
      {
        "id": "",
        "name": "ad3ccf89fa7002f9af78a311f883ff35efd76c9f27df1146b216a8bb42552340"
      },
      {
        "id": "",
        "name": "acc38e90e868a63795fe8ad44c5820b00f4b7661b5b488d5c29a8cfdc1ffe8db"
      },
      {
        "id": "",
        "name": "a8aae68daa34dfaac611da07accca9d32d99242e3ed2b991f90d24e310b9fcff"
      },
      {
        "id": "",
        "name": "a755cbfc1a25a54bc3d1d12d8a1d82f28b910b9cf870716529f32d5d02bc4c65"
      },
      {
        "id": "",
        "name": "a03c968ed6f639f766cf562493a90ae7a61e909d99e098aea2abbbf607003337"
      },
      {
        "id": "",
        "name": "9f81ceb2c6b512402f9d7d0998a9e210a780fd51e494170186794d69bbddb642"
      },
      {
        "id": "",
        "name": "9dafc07911e018c9cd57556cfedd8b84b63adb7d20822186e3793a802a3dc146"
      },
      {
        "id": "",
        "name": "9f69f3ae0c08df7d5d3a43a93d2089cafc5c05b65c5b87ea4aedbb2b9052adaf"
      },
      {
        "id": "",
        "name": "961cdc6230979b53ad487026a246491ae0017f0a4d7a2d93c37d6c159a376044"
      },
      {
        "id": "",
        "name": "90671084d9f1d8a0753c503b4e169b74f2b45a4d79df1a150c7290b710716ca4"
      },
      {
        "id": "",
        "name": "8f5aed8982908dab0d140718121373ce197ec80d3f01d13adae9d6d268c16a2b"
      },
      {
        "id": "",
        "name": "8e8470ed0fd881e9c7ad3db2bcb9515a9dc8fbbcf9fdf38169330514524059ef"
      },
      {
        "id": "",
        "name": "89b2db4df443549bfb59063c4c9006a00971644f54d125cbf3b75e699221fbe8"
      },
      {
        "id": "",
        "name": "8a4280d990833742707e00520fe91b7068bdbe752e5c16cde7f1758ddf7afab0"
      },
      {
        "id": "",
        "name": "868614c4dc5d113ea6ed43f5a61fc71acd69f8bbd9a09235ae70f7bb6cca86c0"
      },
      {
        "id": "",
        "name": "8500f75473db4ef0d70980463b324369b9320de20c59fb760522be16ea3cf3c5"
      },
      {
        "id": "",
        "name": "829435ce15d2abc91275ff1686bd61f1cde62628587086914627616d57499a14"
      },
      {
        "id": "",
        "name": "7e597539ac5121af48b247b98f0afada28e17ee2da12207b504f6946e8ca941d"
      },
      {
        "id": "",
        "name": "7ab74bb3fd9aa60bd46901f52431edf436de2e6513bf69abb33d4fc12749bb9f"
      },
      {
        "id": "",
        "name": "74b73b9ab9da905f6011975b3bb4c5a41bb1c8700c9aa116bef74cdf3d47f112"
      },
      {
        "id": "",
        "name": "703aad69e1bf469dcf8d179e475c9145f32659874290a495f26ccf15b3eed928"
      },
      {
        "id": "",
        "name": "6bc12a021142905c3875b614d8f99e693fbed3315b18024c36d4a38060cad10a"
      },
      {
        "id": "",
        "name": "69958851f1caa8dc141cc9a427648daf3d659dceca1990b9fcd34aa8bbb36670"
      },
      {
        "id": "",
        "name": "63ca6fc9b7278951b57a79ef6e39a94d1e0e88927be3b8478af1353091ffaca4"
      },
      {
        "id": "",
        "name": "5a8d2f40f669b4e7f5edf90c687be33f5b537d2491687df49a4339976df483fb"
      },
      {
        "id": "",
        "name": "59e2767c7158d60b990bcd97b0abcea00b1bdafc869e9c971179abef5e38b17f"
      },
      {
        "id": "",
        "name": "555ff149d7a620b8eb7724939c5492a6285f417012476476c96b8630a64d17a7"
      },
      {
        "id": "",
        "name": "55554c599507947c5eb96264a7db9acaa65d2b42742b39b15686836d0fac2ba0"
      },
      {
        "id": "",
        "name": "4d9ce4cf54a66f1ac6d93071ea31bd861de67820f001e5d13535fdc3cf5faf45"
      },
      {
        "id": "",
        "name": "4bdc30e872b879e2303e2f4ccbc73f0ce5335d9d3b98b165fc2b22fc8c3251e5"
      },
      {
        "id": "",
        "name": "4a49fa1c16889fcebf1210e796a56001231351831bf4526fb00e6904197ab674"
      },
      {
        "id": "",
        "name": "493b219932c105a9e2a8dd90dbbd0bb8ffc8bab3035c7353f9beba1747ef0d4e"
      },
      {
        "id": "",
        "name": "43e19c7bbaf2d85c3952c4f28cb11ff3c711c3bb0d8396b2ac48a9d4efb955e8"
      },
      {
        "id": "",
        "name": "42d25d50c5c1c137d59c7c32ec04906760f9a0b01ace4989ec7745a0634b560d"
      },
      {
        "id": "",
        "name": "3f95b677291032ed516aaa7c0f741ee7fb5694e228aeb6be7e6f3e2fb7e7acae"
      },
      {
        "id": "",
        "name": "3c52c96c8c8bddb4ff2165c9f2ffdefba23532f1c2b24c03fcf8049c84d613b6"
      },
      {
        "id": "",
        "name": "37ac15f552aa23de08b0ab3ea6913306f1e1f9d62d93e59fb80cda7c9e5dc2f0"
      },
      {
        "id": "",
        "name": "32e39963f71cdb20c59382aefb19b2cfa3fb2527f15e12dedf587a8329e30f95"
      },
      {
        "id": "",
        "name": "2deb5aec5a8cc96638d22f02c6488bf58de581d0cbdf8ae20a71f1515dbeda71"
      },
      {
        "id": "",
        "name": "2d70c9887d1c135d5b39739018742dae6423adb55a112a0a08bfcd98a98a862a"
      },
      {
        "id": "",
        "name": "2cb4276b0532c45c11338ec84817657c32bed5ec15d7f693a945ce65649037fe"
      },
      {
        "id": "",
        "name": "2bb8a7b172c3f83de65c68740ffeb76cfeef775d76e612b257ea788580941630"
      },
      {
        "id": "",
        "name": "20c21a0bf466412118a8b79e890e2ce5dd068a9a2d354f43f6b4b7c94ee16509"
      },
      {
        "id": "",
        "name": "1c6838f94b564285ac7af70906e5b0203d56628b7e932a26757c7ca8f272be2b"
      },
      {
        "id": "",
        "name": "1a79fe2f64923f83d1042d2ffe86e6a77c00143bdc7b0c247e3d8753e36e699f"
      },
      {
        "id": "",
        "name": "187c0e90c8b019e664f3919a5e6ba62e8dd5336eb38ea1b36376ba1456b91f35"
      },
      {
        "id": "",
        "name": "11af0da9a7c5f65bb098ed52973e814b12eba492fb3615a5fada5d4cc390928d"
      },
      {
        "id": "",
        "name": "0602db7aff8ef3a5d3a81a556390a24f96a6fc7b478470c57fdec01024e3fac1"
      },
      {
        "id": "",
        "name": "035e236b3d236c78cfb27e4f35dd220c9668a28b923c8818338dd1c4e11d4554"
      },
      {
        "id": "",
        "name": "014e2caf1cc8fa290319b41ae2cb245241bf4fba4ce13778ddbca72e21c809b0"
      },
      {
        "id": "",
        "name": "00b6ecf73a690b40a4b22ce865f0a3df902516bd70bd6c13de8ec07f9a2b6937"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:a415bb807d6d229e",
        "name": "TrickMo",
        "slug": "trickmo"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "United Arab Emirates"
      },
      {
        "id": "",
        "name": "Canada"
      },
      {
        "id": "",
        "name": "Germany"
      }
    ]
  },
  "external_refs": [
    "https://otx.alienvault.com/pulse/670e34ec7ac9b2508d301e0e"
  ]
}