General

  • Target

    f0a6bef71d57feee7c036899edc337bc1fb69160

  • Size

    360KB

  • Sample

    191018-tfbpyxqage

  • MD5

    8d1329c53ce1c98d83f58f9d76c10c44

  • SHA1

    f0a6bef71d57feee7c036899edc337bc1fb69160

  • SHA256

    52e472778acc393299cfcdfcec641895b464770da12c3d0cf2e4430201815241

  • SHA512

    9527f0980545589c20400dc99f650dce74dbb1faf2097bb696e2f59f30051bbb4910290a60b43db818563f428698d31b3103739afb849138a4ffb4d682d2285c

Score
10/10

Malware Config

Targets

    • Target

      f0a6bef71d57feee7c036899edc337bc1fb69160

    • Size

      360KB

    • MD5

      8d1329c53ce1c98d83f58f9d76c10c44

    • SHA1

      f0a6bef71d57feee7c036899edc337bc1fb69160

    • SHA256

      52e472778acc393299cfcdfcec641895b464770da12c3d0cf2e4430201815241

    • SHA512

      9527f0980545589c20400dc99f650dce74dbb1faf2097bb696e2f59f30051bbb4910290a60b43db818563f428698d31b3103739afb849138a4ffb4d682d2285c

    Score
    10/10
    • Trickbot persistence files

    • trickbot family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

MITRE ATT&CK Enterprise v6

Tasks