trickbot | e5ef4b7879d77c1121d50503506f4a6f9526ccd7a6778b7227746cd9fa9f283f

General

Target

607c0b63b89f4c0b1151181cc0b8a06a_JaffaCakes118
Size

228KB
Sample

240520-wrqt9abe77
MD5

607c0b63b89f4c0b1151181cc0b8a06a
SHA1

4e98484e324b80e6a7f003612803755468e992e8
SHA256

e5ef4b7879d77c1121d50503506f4a6f9526ccd7a6778b7227746cd9fa9f283f
SHA512

b1885118fea127188fe597d8f649d9bcc675af923466a0d77f527edd3c36697bb95371a18eeb66a0cfb3d121c07ee3c2ab18b1cd8bc7a939f0ddda1d169beae3
SSDEEP

3072:+5z2gTPdFG0m5cFk1oOG5UP2s56S9NKEI+Bcl/hJik6heuZn4fUCtbBLrlMTecqt:OTGBMmk5Jik64utgP+qZzfpZ

Score

10^/10

trickbot tot381

Malware Config

Extracted

Family

trickbot

Version

1000324

Botnet

tot381

C2

107.175.127.149:443

103.108.120.115:449

160.3.20.103:449

107.174.34.202:443

66.64.20.194:449

104.143.67.156:449

65.152.237.149:449

194.5.250.185:443

36.91.74.138:449

198.46.160.217:443

103.129.195.105:449

174.105.237.127:449

192.3.52.107:443

47.224.98.123:449

103.235.176.174:449

209.191.203.238:449

202.59.168.162:449

115.85.76.94:449

23.94.36.143:443

112.78.38.163:449

Attributes

autorun
Control:GetSystemInfo
Name:systeminfo
Name:injectDll
Name:pwgrab

ecc_pubkey.base64

Targets

- Target
  
  607c0b63b89f4c0b1151181cc0b8a06a_JaffaCakes118
- Size
  
  228KB
- MD5
  
  607c0b63b89f4c0b1151181cc0b8a06a
- SHA1
  
  4e98484e324b80e6a7f003612803755468e992e8
- SHA256
  
  e5ef4b7879d77c1121d50503506f4a6f9526ccd7a6778b7227746cd9fa9f283f
- SHA512
  
  b1885118fea127188fe597d8f649d9bcc675af923466a0d77f527edd3c36697bb95371a18eeb66a0cfb3d121c07ee3c2ab18b1cd8bc7a939f0ddda1d169beae3
- SSDEEP
  
  3072:+5z2gTPdFG0m5cFk1oOG5UP2s56S9NKEI+Bcl/hJik6heuZn4fUCtbBLrlMTecqt:OTGBMmk5Jik64utgP+qZzfpZ
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2