Overview

overview

10

Static

static

3

04dc5f70e1...18.exe

windows7-x64

10

04dc5f70e1...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04dc5f70e1225c7560404752c1e998ea_JaffaCakes118

  • Size

    544KB

  • Sample

    241001-ja8yaa1gqg

  • MD5

    04dc5f70e1225c7560404752c1e998ea

  • SHA1

    7122d491e0767fe32bb02c546dad0f12f8ca1f0d

  • SHA256

    1bc4f950c935d6e994835daa1ff2a69cefffc29486032913b101213e0469e843

  • SHA512

    ca400477edb0c1e77266581c16d4c95387d6b75c6bc81672a15216b4512e8a8a3a3d4fb3853203b5cb1f9010ecac3eb7c318e72b7d7e916f9bcc2373afb4a802

  • SSDEEP

    12288:WR5gpjm5Ku1779BYsYBJCa8qsxtQdk7pwC:ggpjmt79YPCtqsLQd+p

Score
10/10
trickbottop111bankerdiscoverytrojan

Malware Config

Extracted

Family

trickbot

Version

100019

Botnet

top111

C2

65.152.201.203:443

185.56.175.122:443

46.99.175.217:443

179.189.229.254:443

46.99.175.149:443

181.129.167.82:443

216.166.148.187:443

46.99.188.223:443

128.201.76.252:443

62.99.79.77:443

60.51.47.65:443

24.162.214.166:443

45.36.99.184:443

97.83.40.67:443

184.74.99.214:443

103.105.254.17:443

62.99.76.213:443

82.159.149.52:443
Attributes
  • autorun
    Name:pwgrabb
    Name:pwgrabc
ecc_pubkey.base64

Targets

    • Target

      04dc5f70e1225c7560404752c1e998ea_JaffaCakes118

    • Size

      544KB

    • MD5

      04dc5f70e1225c7560404752c1e998ea

    • SHA1

      7122d491e0767fe32bb02c546dad0f12f8ca1f0d

    • SHA256

      1bc4f950c935d6e994835daa1ff2a69cefffc29486032913b101213e0469e843

    • SHA512

      ca400477edb0c1e77266581c16d4c95387d6b75c6bc81672a15216b4512e8a8a3a3d4fb3853203b5cb1f9010ecac3eb7c318e72b7d7e916f9bcc2373afb4a802

    • SSDEEP

      12288:WR5gpjm5Ku1779BYsYBJCa8qsxtQdk7pwC:ggpjmt79YPCtqsLQd+p

    Score
    10/10
    trickbottop111bankerdiscoverytrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks