General

  • Target

    3ab810973efe13af16639485547817bf1a84bb84

  • Size

    388KB

  • Sample

    191018-hqb4vww18x

  • MD5

    872a82b606ab24ed8f04fc1c7b98981a

  • SHA1

    3ab810973efe13af16639485547817bf1a84bb84

  • SHA256

    16eecff3664f44f07c5c32367f1b87b7f659181a6530a9c3a50c57879a4ce9b7

  • SHA512

    dc150944dd2e3a0a71aeca486612e74bc24805a47dc702670b8be7bc3408056dd7021ee374e4f494081c94ef05d1cd47afde52316afd09ed4ba022ca034b8ab0

Score
10/10

Targets

    Score
    10/10
    • Trickbot persistence files

    • trickbot family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service
