General
Target: DVOBSNDSOG.dll
Size: 382KB
Sample: 201006-ml429jtxvs
MD5: 7c537f7a08f180c10cfe5a64741909b3
SHA1: 09a41c9d0aa71a05daf10ef11fd615b6208b5db6
SHA256: c965159b432c96ca529d359e82bf92bf6b5199ff686d6a31c20ab7741c719df2
SHA512: fecb709fa35ff2bd059c0a244900c92b7560b8d12539baee161207824024cfbba15714ef8ce99fe4ad6333038f619d01b399a0d1be533379be8653b14a5460bc
Static task
static1
Behavioral task
behavioral1
Sample
DVOBSNDSOG.dll
Resource
win7v200722
Malware Config
Extracted
trickbot
2000010
ono78
-
autorunName:pwgrab
Targets
-
-
Target
DVOBSNDSOG.dll
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-