General
Target: shiybnyrsolu.exe
Size: 532KB
Sample: 201230-2pnedj57aj
MD5: 59ea5e429638fa0801683014a19f10ac
SHA1: eb4bb017b2d14017f44ea32c01c54871215ea09a
SHA256: 89ba36ddab48b3cdd3a8db026463e79391c6ca7f0b04a9ea8b71969add67b276
SHA512: 55df4ff121e7948917968c54911a49bcf140970162b365da1bf6027db3eea47021b43798e6b3a78906bac9b34e6c97e61dbb2a0f0531cd75bf486e2eb6387b98
Static task
static1
Malware Config
Extracted
trickbot
100007
mor5
autorunName:pwgrab
Targets
-
-
Target
shiybnyrsolu.exe
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-