Trickbot Banking Trojan
By Tyler Hudak and Aaron Rosenmund
Course info



Course info



Description
In this course, Malware Analysis and Detection: TrickBot, Aaron Rosenmund and Tyler Hudak discuss the malware TrickBot, a popular malware used by attackers. By the end of this course, you will learn how TrickBot works, what it does to computers it compromises, and what tools you can use to detect it on your hosts and network.
Section Introduction Transcripts
Course Overview
(Music) (Aaron) Hello everyone. I'm Aaron Rosenmund, a staff author for Pluralsight focused on security operations and incident response, and a part-time member of the Florida International Guard, working in defensive cyber operations. (Tyler) Hey, this is Tyler Hudak. I do incident response as my primary job and am a Pluralsight author. In my job, I've come across the TrickBot malware more times than I can count. This is a dangerous piece of malware that, if left unchecked in your environment, can lead to very bad things happening. (Aaron) Malware developers never rest, and neither can we. TrickBot has resurged recently, earning headlines like, "TrickBot snares 250 million passwords, " and touting some very large infection numbers. Combined with its modularized deployment and per-device encryption, this malware has indiscriminately spread far and wide. Following commodity malware trends, it is being leveraged as an intermediate stage that's often followed by ransomware, and it seems to be under frequent development. (Tyler) In this course, we'll cover what TrickBot is, what it's used for, and how it works. We'll also cover how you can analyze what TrickBot does on systems that it compromises, as well as the network traffic it generates. (Aaron) By the end of this Play by Play, you will have some intermediate indicators to search through your environment for TrickBot compromise and the confidence to follow the same dynamic analysis process for new variants of TrickBot as they're developed and deployed in the wild. (Tyler) We hope you'll join us on this journey to learn how to analyze TrickBot in this Play by Play at Pluralsight.