General

  • Target

    JaffaCakes118_2d2a83ae86b7bda8288dfe8e4858ff1552ad9545ff568b221603b6d1df22e901

  • Size

    436KB

  • Sample

    241225-cjdp6strer

  • MD5

    0fb48e7bf7329ca395284b4198e77a05

  • SHA1

    a8140c6bbb49ca359c388d103dfb606641c132a2

  • SHA256

    2d2a83ae86b7bda8288dfe8e4858ff1552ad9545ff568b221603b6d1df22e901

  • SHA512

    e4f72b795e658dc8d9fcd74ce2d30f021c0cc75ee6b3156f0dcb394bcfceba7692d2d194f7a753545fad1f042488f1c0f29c4b5ccfa3a7922e99a522a086b87e

  • SSDEEP

    6144:pkVJ67JhvuooybJhMZnctQTFE4QbXU9CkDotFMcMNBlNtEKLtc:pkVJIDvZllOFfQbXU9s79MNBjKotc

Malware Config

Extracted

Family

trickbot

Version

2000033

Botnet

tot157

C2


Attributes
  • autorun
    Name:pwgrabb
    Name:pwgrabc
ecc_pubkey.base64
1
RUNTMzAAAAAL/ZqmMPBLaRfg1hPOtFJrZz2Zi2/EC4B3fiX8VnaOUVKndBr+jEqWc7mw4v3ADTiwp64K5QKe1LZ27jUZxL4bWjxARPo85hv72nuedeZhRQ+adQQ/gIsV869MycRzghc=

MITRE ATT&CK Enterprise v15

Tasks
