General
-
Target
648cf657cd14439e121887567f1dc9aa
-
Size
332KB
-
Sample
201117-wd9whsqn2x
-
MD5
af0222d56794bcb5bf9da6ecd8dff5b5
-
SHA1
2d305d8071caffa60acc4a8565c58f2e15c6a397
-
SHA256
1e193385fa315c3c554ab94715651e6c080573d60fbd6b16a6dacde14d771ed4
-
SHA512
7cd991592202a0be840a71cdf52f784d5fe0060ec8ebd4303d12e59676f5ea61886f794638ede2ba4c363f0004273d909ebf89552287528a688e40e7127e5436
Static task
static1
Behavioral task
behavioral1
Sample
648cf657cd14439e121887567f1dc9aa.exe
Resource
win7v20201028
Malware Config
Extracted
trickbot
1000511
lib724
5.182.211.215:443
144.91.76.208:443
185.99.2.57:443
134.119.191.38:443
195.123.238.17:443
95.171.16.42:443
85.204.116.238:443
185.234.72.242:443
178.157.82.227:443
185.90.61.9:443
45.148.120.205:443
85.204.116.241:443
5.1.81.68:443
51.81.112.191:443
23.239.84.138:443
194.5.250.180:443
194.87.93.114:443
190.214.13.2:449
181.129.104.139:449
181.112.157.42:449
181.129.134.18:449
131.161.253.190:449
121.100.19.18:449
202.29.215.114:449
171.100.142.238:449
190.136.178.52:449
45.6.16.68:449
110.232.76.39:449
122.50.6.122:449
103.12.161.194:449
36.91.45.10:449
103.227.147.82:449
96.9.77.56:449
103.5.231.188:449
110.93.15.98:449
200.171.101.169:449
-
autorunName:pwgrab
Targets
-
-
Target
648cf657cd14439e121887567f1dc9aa
-
Size
332KB
-
MD5
af0222d56794bcb5bf9da6ecd8dff5b5
-
SHA1
2d305d8071caffa60acc4a8565c58f2e15c6a397
-
SHA256
1e193385fa315c3c554ab94715651e6c080573d60fbd6b16a6dacde14d771ed4
-
SHA512
7cd991592202a0be840a71cdf52f784d5fe0060ec8ebd4303d12e59676f5ea61886f794638ede2ba4c363f0004273d909ebf89552287528a688e40e7127e5436
-
Dave packer
Detects executable packed with a packer named 'Dave' from the community, due to a string at the end of it.
-
Executes dropped EXE
-
Loads dropped DLL
-