General

  • Target

    fd1e5dbf241e01fded83c4e584e702f9_JaffaCakes118

  • Size

    134KB

  • Sample

    241218-zyhzrssnbr

  • MD5

    fd1e5dbf241e01fded83c4e584e702f9

  • SHA1

    6f3833a318789dccd2005d0fe2f423832bc1102d

  • SHA256

    c1c7034ea634b250f52dc7c91ffa4fd92ec69195a28bdf782c41395de059880e

  • SHA512

    56b664443e048fe2bcb37419a6d6ad4bc70a50c4f539430c7ac44e61b75d158c51b4c94e6dfc7c6cad8a5a087ba62dedce0ebc443dc6f02ef03b42b8dbc903fe

  • SSDEEP

    3072:wbsOUpG3BnWkI03siNibO0NeLg74KpuHb8wrNtDz:w9UqWD03siMb73VU71hRz

Score
10/10

Malware Config

Extracted

Family

trickbot

Version

2000034

Botnet

zev7

C2

Attributes
  • autorun
    Name:pwgrabb
    Name:pwgrabc
ecc_pubkey.base64

Targets

    • Target

      fd1e5dbf241e01fded83c4e584e702f9_JaffaCakes118

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks