India, June 14 -- SonicWall Capture Labs Threat Research Team recently found a new variant sample and activity in June for the TrickBot malware family. This family has been well known for many years, mainly focused on stealing the victim's online banking information. This variant has been written by developers with slick development skills wrapping its core functionality with a "Squirrel Shooting Game" code base to throw off initial analysis. It is often called a banker; however, its modular structure allows it to freely add new functionalities without modifying the core bot.

This particular variant uses an RSA encryption schema to protect certain areas of its core code along with custom xor encrypted strings. TrickBot also has the abili...