Rewterz Threat Alert – TrickBot Employs Clever New Obfuscation Trick to evade detection
Severity
High
Analysis Summary
On the 100th release of Trickbot, the malware came equipped with new evasion techniques, one capability is to use of an obfuscated batch script launcher to jumpstart malicious executables. TrickBot is a malware infection commonly installed via malicious phishing emails or other malware. When installed, TrickBot will quietly run on a victim’s computer while it downloads other modules to perform different tasks. TrickBot is known to finish an attack by giving access to threat actors who deploy either the Ryuk or Conti ransomware on the compromised network.