General

  • Target

    JaffaCakes118_e0942323d3a57f785e94a602eb305d09fbb04c2003afeb09d6fcfbe715a0bd2a

  • Size

    436KB

  • Sample

    241225-1jrh2ayqdl

  • MD5

    47b2160cae7dd245ee253b1a3edc78f1

  • SHA1

    11a2165ecbfc68784b95f463a21fa0bd3c60f6bf

  • SHA256

    e0942323d3a57f785e94a602eb305d09fbb04c2003afeb09d6fcfbe715a0bd2a

  • SHA512

    b74b19531242623b2ba916c644fb5c71da257ca5f0a5b056989dfa1734563e335a2eb53c0bcd2800cf02dc1df808f8bb4a8301813420633e967a0a55b684a7ac

  • SSDEEP

    6144:pkVJ67JhvuoozbJhMZnctQTFE4QbXU9CkDotFMcMNBlNtEKLtc:pkVJIDvZ8lOFfQbXU9s79MNBjKotc

Malware Config

Extracted

Family

trickbot

Version

2000033

Botnet

tot157

C2

Attributes
  • autorun
    Name:pwgrabb
    Name:pwgrabc
ecc_pubkey.base64
1
RUNTMzAAAAAL/ZqmMPBLaRfg1hPOtFJrZz2Zi2/EC4B3fiX8VnaOUVKndBr+jEqWc7mw4v3ADTiwp64K5QKe1LZ27jUZxL4bWjxARPo85hv72nuedeZhRQ+adQQ/gIsV869MycRzghc=

