file5.pellet

General

Target: file5.pellet
Size: 369KB
Sample: 201124-bmlpy7t716
Score: 10/10
MD5: 9ec3a085d785f3d8091fa3435a1b9584
SHA1: 1605367d4b3157f29679cd7c045d8a6df2db5c5d
SHA256: 843fae67108c2580a4590e41d5986191a71fb959959e1b1d40cfab672e15cab6
SHA512: de63061d70d284acf33123fb5b2ba87ba61f9af9192f0534b497f22df1083f167b62f83616b0fd83bbf9f4cf871ea215b82324d23567af097bbf573049be0aca

Malware Config

Extracted

Family: trickbot
Version: 1000296
Botnet: sat97
C2

Attributes
autorun
Control: GetSystemInfo
Name: systeminfo
Name: injectDll
Name: pwgrab
ecc_pubkey.base64
MITRE ATT&CK Matrix
Command and Control
Credential Access
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Privilege Escalation