General

  • Target

    2f8b0b6435ca18da75e8ae2e6745718124a26f66

  • Size

    880KB

  • Sample

    191018-dj47fcq5ta

  • MD5

    6a86daaa778d10fa01d79b863098bb6a

  • SHA1

    2f8b0b6435ca18da75e8ae2e6745718124a26f66

  • SHA256

    73e462e48d639a6ed2bc798c451328260646fab7ef12d41381bcb48f9e5598b2

  • SHA512

    3843826aa581d81435cf0a3d1f60d7b7e34466b56f9f9ff7d7741f548223956eff8570226b8c30d377b3e3e9e53036587edfaf13c03dd73215b1ebc22bf03f39

Score
10/10

Malware Config

Targets

    • Target

      2f8b0b6435ca18da75e8ae2e6745718124a26f66

    • Size

      880KB

    • MD5

      6a86daaa778d10fa01d79b863098bb6a

    • SHA1

      2f8b0b6435ca18da75e8ae2e6745718124a26f66

    • SHA256

      73e462e48d639a6ed2bc798c451328260646fab7ef12d41381bcb48f9e5598b2

    • SHA512

      3843826aa581d81435cf0a3d1f60d7b7e34466b56f9f9ff7d7741f548223956eff8570226b8c30d377b3e3e9e53036587edfaf13c03dd73215b1ebc22bf03f39

    Score
    10/10
    • Trickbot persistence files

    • trickbot family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

MITRE ATT&CK Enterprise v6

Tasks