General

  • Target

    ecf315df8321b5bee5395cff7add2206d385dab0

  • Size

    428KB

  • Sample

    191018-tgvqksr3x6

  • MD5

    89bee1f7f5569db11cf80872726240a9

  • SHA1

    ecf315df8321b5bee5395cff7add2206d385dab0

  • SHA256

    1a99aa6e1384825cc743edcded40b73c73eea21e0d965c8ac38361291d6f7373

  • SHA512

    6b834bf6e0f4b04d62c6fbfc87d56fadeda151ad3c9c5c44defc3a1c8b2ab9a342934d16056d5162cd133c498159217ce31666957586b43e3e134156d2e194ff

Score
10/10

Malware Config

Targets

    • Target

      ecf315df8321b5bee5395cff7add2206d385dab0

    • Size

      428KB

    • MD5

      89bee1f7f5569db11cf80872726240a9

    • SHA1

      ecf315df8321b5bee5395cff7add2206d385dab0

    • SHA256

      1a99aa6e1384825cc743edcded40b73c73eea21e0d965c8ac38361291d6f7373

    • SHA512

      6b834bf6e0f4b04d62c6fbfc87d56fadeda151ad3c9c5c44defc3a1c8b2ab9a342934d16056d5162cd133c498159217ce31666957586b43e3e134156d2e194ff

    Score
    10/10
    • Trickbot persistence files

    • trickbot family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

MITRE ATT&CK Enterprise v6

Tasks