General

  • Target

    JaffaCakes118_53ccc10856cdb69e71350d0963773f3edaae9847fee94375cd051a79a04c1329

  • Size

    2.2MB

  • Sample

    241225-sdp41swmbp

  • MD5

    f55f605c05fe1b18a61dde2fd3307ebd

  • SHA1

    8b367ae0727527263dffa368c1a0f038961f0285

  • SHA256

    53ccc10856cdb69e71350d0963773f3edaae9847fee94375cd051a79a04c1329

  • SHA512

    8c5f3e65af71eb07ea12eae92ff4497f16d5f2d7fedc8822b19019f318084877be5a94b42b8d1d222f09c2ea24fcb0180dc23dd3f62452a3185c9471ad888bc4

  • SSDEEP

    6144:jI/PVUyWxpgmU2nXsEjAWFaOFPSAWcLH/FrfWCtGVRz4fq:jIde7pFaPY

Malware Config

Extracted

Family

trickbot

Version

100021

Botnet

rob142

C2

Attributes
  • autorun

ecc_pubkey.base64
RUNTMzAAAABbfmkJRvwyw7iFkX40hL2HwsUeOSZZZo0FRRWGkY6J1+gf3YKq13Ee4sY3Jb9/0myCr0MwzNK1K2l5yuY87nW29Q/yjMJG0ISDj0HNBC3G+ZGta6Oi9QkjCwnNGbw2hQ4=

MITRE ATT&CK Enterprise v15

Tasks
