General

  • Target

    JaffaCakes118_fe477980c86dfd649e780228c841ee8354c48e611be8810162e7f8e9e1f02f62

  • Size

    2.1MB

  • Sample

    241222-nzyaasxjcw

  • MD5

    834f5f2a03a090bcb9a64390ad086a67

  • SHA1

    7ebbd361750d699a784e067369a714a763754c46

  • SHA256

    fe477980c86dfd649e780228c841ee8354c48e611be8810162e7f8e9e1f02f62

  • SHA512

    5267f6de27170bd4f38830780c82bd2f667e98c89ae9a665da5a9924ff993da5da79539c8ce80377fc5878623594a1a1a8247e888c53288642ae5c6e5bf78328

  • SSDEEP

    3072:mUd2wnncoy08JVRgsLFu17v5PjGjGIGI5JRZiGM652qRX8tfkFdRYCWcFEa+kRO:mmn1P8JV7YD5qfrdZiGhNW87zia+GO

Malware Config

Extracted

Family

trickbot

Version

100021

Botnet

rob142

C2


Attributes
  • autorun

ecc_pubkey.base64
RUNTMzAAAABbfmkJRvwyw7iFkX40hL2HwsUeOSZZZo0FRRWGkY6J1+gf3YKq13Ee4sY3Jb9/0myCr0MwzNK1K2l5yuY87nW29Q/yjMJG0ISDj0HNBC3G+ZGta6Oi9QkjCwnNGbw2hQ4=

Targets

    • Target

      JaffaCakes118_fe477980c86dfd649e780228c841ee8354c48e611be8810162e7f8e9e1f02f62


MITRE ATT&CK Enterprise v15

Tasks
