General
-
Target
JaffaCakes118_28ab61eb416957831da5d3c7dcead7a9c4fcf8eca746651213b16ebb7b03109a
-
Size
516KB
-
Sample
241229-p9wpwsskcz
-
MD5
282745b643e15b7ac36afbf114e94fa2
-
SHA1
0482e466477523b277a59fb13c64e0738ab8322e
-
SHA256
28ab61eb416957831da5d3c7dcead7a9c4fcf8eca746651213b16ebb7b03109a
-
SHA512
10633db5bc5b78ed586603659577be69dbf07f53e6a1fb390bf5a5590d70e43ae1bdb0fafe7fd9406fc1a545f4525a38fba1d84b0e0225c3813528c7c5ec9bdf
-
SSDEEP
12288:cbVMh0tRyr3W3SBniM+uwkMx8nXoTT0WJZmo:WMh0tRyp3lY8X2xJZmo
Malware Config
Extracted
trickbot
2000033
tot153
179.42.137.102:443
191.36.152.198:443
179.42.137.104:443
179.42.137.106:443
179.42.137.108:443
202.183.12.124:443
194.190.18.122:443
103.56.207.230:443
171.103.187.218:449
171.103.189.118:449
18.139.111.104:443
179.42.137.105:443
186.4.193.75:443
171.101.229.2:449
179.42.137.107:443
103.56.43.209:449
179.42.137.110:443
45.181.207.156:443
197.44.54.162:449
179.42.137.109:443
-
autorunName:pwgrabbName:pwgrabc
Targets
-
-
Target
JaffaCakes118_28ab61eb416957831da5d3c7dcead7a9c4fcf8eca746651213b16ebb7b03109a
-
Size
516KB
-
MD5
282745b643e15b7ac36afbf114e94fa2
-
SHA1
0482e466477523b277a59fb13c64e0738ab8322e
-
SHA256
28ab61eb416957831da5d3c7dcead7a9c4fcf8eca746651213b16ebb7b03109a
-
SHA512
10633db5bc5b78ed586603659577be69dbf07f53e6a1fb390bf5a5590d70e43ae1bdb0fafe7fd9406fc1a545f4525a38fba1d84b0e0225c3813528c7c5ec9bdf
-
SSDEEP
12288:cbVMh0tRyr3W3SBniM+uwkMx8nXoTT0WJZmo:WMh0tRyp3lY8X2xJZmo
Score10/10-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Trickbot family
-