General
-
Target
JaffaCakes118_5754187c5f3605b1cde278c3a6cb2acbf3812bbbefe7e74b0373544cea86e72c
-
Size
675KB
-
Sample
241222-qbyl9szlaq
-
MD5
9dc459e619c91ffa9e76701c019463b9
-
SHA1
d7568efc76088c98dd410cb1e30781aba203d0a3
-
SHA256
5754187c5f3605b1cde278c3a6cb2acbf3812bbbefe7e74b0373544cea86e72c
-
SHA512
0e0d70f74025fd741a995624fef61ac10e4e1efd72752d098c3265c79a2a81f8c4f0b92a4ea17b74bdee735c2ae5334347d4adde982fa7981c2ce88eb40f46f0
-
SSDEEP
12288:IkvZWz9UywWAb2ZwpYdvWKF6GTyoM+Zl3kqhb3wgKvmdsxMTxEbWvdwF8uIx/OeI:Io0hfwWs2Z4oeKF1TDzZl0W7JCmWx8tU
Static task
static1
Behavioral task
behavioral1
Sample
mon117_cr.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
mon117_cr.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
mon122.dll
Resource
win7-20241023-en
Malware Config
Extracted
trickbot
100013
mon117
-
autorunName:pwgrab
Extracted
trickbot
100013
mon122
-
autorunName:pwgrab
Targets
-
-
Target
mon117_cr.dll
-
Size
497KB
-
MD5
7f3e44cca7dd1841d5d9db9a71b4f3cb
-
SHA1
871a743a69e66000e7588bb8858e9991ac8bd154
-
SHA256
e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5
-
SHA512
d034989737111cadb57d8786802d7b0d9bca2d947a72a71996b3f2184303d25438fe4180c7131f88dda593d114170dbbc79a15fd6728fc68933e6c966b84e126
-
SSDEEP
6144:H9R8XkrFueSwOfnAqAitY5JGYMcETCQ1EvLaMGPl+8aubfHRJQwphRqD4:d7rTwGi0JGgETCQRP0DubPRawphok
-
Trickbot family
-
-
-
Target
mon122.dll
-
Size
768KB
-
MD5
d97e4caabf31d478bc931a0a1a47e08c
-
SHA1
85cca6fc2fdfab66c47188efc007d0b651c1536d
-
SHA256
2eaa196b5f4f0d20b23dd82f001f369e05de803834a11cfe93dd7b795d9e6cd2
-
SHA512
3add165b47af5bdb65547b2913525049df9d23c62448eccc83824150cc42f72a593d88f533bf1b8268321f2c688453422b2d659af9b9234ab8c1188ff6b9842f
-
SSDEEP
12288:R3huEehO+HvYoMsLsDrKy947vFawRiwyz/3ZCRRm:PuEeY+PsmQwRxEGRm
-
Trickbot family
-