General

  • Target

    1aea1121475df57b5802c84583c4dc89500baa75

  • Size

    269KB

  • Sample

    191018-5prbh9aams

  • MD5

    7e56dd08f3ba9dd3b0c449da701d9ae4

  • SHA1

    1aea1121475df57b5802c84583c4dc89500baa75

  • SHA256

    7c06d1f53ccc14d4548b595f7c9afddf07be9c7a799e7a55a671cdf95e27bdca

  • SHA512

    43cf72edfabb797068995ce005938e3e24e348534866c45ca1f67f80e1c87c3c4c32f6c1d0bbf961edc821618ae09a919c1257167099615085a2bbc85d04d2a8

Score
10/10

Malware Config

Targets

    • Target

      1aea1121475df57b5802c84583c4dc89500baa75

    • Size

      269KB

    • MD5

      7e56dd08f3ba9dd3b0c449da701d9ae4

    • SHA1

      1aea1121475df57b5802c84583c4dc89500baa75

    • SHA256

      7c06d1f53ccc14d4548b595f7c9afddf07be9c7a799e7a55a671cdf95e27bdca

    • SHA512

      43cf72edfabb797068995ce005938e3e24e348534866c45ca1f67f80e1c87c3c4c32f6c1d0bbf961edc821618ae09a919c1257167099615085a2bbc85d04d2a8

    Score
    10/10
    • Trickbot persistence files

    • trickbot family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

MITRE ATT&CK Enterprise v6

Tasks