General
-
Target
2f2a57f690a4d13b0a399eeec33716fe6c16f9499a682caa66a28af4cdfd8d20.bin
-
Size
139KB
-
Sample
201216-54sa6z6lgs
-
MD5
05c382dd1b48534ba3e76700dc274a42
-
SHA1
abd38142ad096b64a3b05b5be851df7c74e5426a
-
SHA256
2f2a57f690a4d13b0a399eeec33716fe6c16f9499a682caa66a28af4cdfd8d20
-
SHA512
ae729f7e208ee44b7a34275e9293150f345298fe9e7ce5a2329431080c5fc08e978f15c0c29a186af0fd7848fc1be32b3f7274584b48435bc8e1b1c3cd5703ee
Behavioral task
behavioral1
Sample
2f2a57f690a4d13b0a399eeec33716fe6c16f9499a682caa66a28af4cdfd8d20.bin.exe
Resource
win7v20201028
Malware Config
Extracted
trickbot
100007
rob22
-
autorunName:pwgrab
Targets
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-