Trickbot Malware reemerging with new ticks and future to steal various sensitive information such as passwords, History, cookies from application & Browsers. TrendMicro researchers identified password new grabbing module (pwgrab32) along with various modules. The second module is shareDll32 helps Trickbot malware to propagate across the infected network and download the copy of itself from the C2 server. It uses 2 main functions WNetEnumResource and GetComputerNameW in order to the enumerates and identifies systems connected on the same domain. It has an auto-start service that allows Trickbot to run whenever the machine boots.”]
Source: https://gbhackers.com/trickbot-malware-steal-password/