General

  • Target

    JaffaCakes118_28644848186100f634404da60b058b18d2464a3a37080211aac429f1e2221489

  • Size

    436KB

  • Sample

    241224-sp5zlszrhm

  • MD5

    c8a446fdf01a5d346c7fc47bbb30ed4e

  • SHA1

    4fda0dbdcc03a5e3d93808754d1e03b35fdb4df8

  • SHA256

    28644848186100f634404da60b058b18d2464a3a37080211aac429f1e2221489

  • SHA512

    17e332de65ef67c7dd726959580ef4662e4a5dcce454afec160e103f3e4d32f6c43bd741ce94ad40233706e3cc31831e764ab78cb6055313237e27263d7184ee

  • SSDEEP

    6144:pkVJ67JhvuooNbJhMZnctQTFE4QbXU9CkDotFMcMNBlNtEKLtc:pkVJIDvZylOFfQbXU9s79MNBjKotc

Malware Config

Extracted

Family

trickbot

Version

2000033

Botnet

tot157

C2


Attributes
  • autorun
    Name:pwgrabb
    Name:pwgrabc
ecc_pubkey.base64
RUNTMzAAAAAL/ZqmMPBLaRfg1hPOtFJrZz2Zi2/EC4B3fiX8VnaOUVKndBr+jEqWc7mw4v3ADTiwp64K5QKe1LZ27jUZxL4bWjxARPo85hv72nuedeZhRQ+adQQ/gIsV869MycRzghc=
