Analysis
- max time kernel: 34s
- max time network: 150s
- platform: windows10_x64
- resource: win10v20201028
- submitted: 13-01-2021 00:06
Static task
static1
Behavioral task
behavioral1
Sample
a0b0aef5c02e61a40b37f0572428fc427a73d8d81015c879452e3b467641d180.exe
Resource
win7v20201028
General
- Target: a0b0aef5c02e61a40b37f0572428fc427a73d8d81015c879452e3b467641d180.exe
- Size: 809KB
- MD5: fcb19302ff27f3c31bd55e68a262f287
- SHA1: 3362099a6a8e58f21209cb6ec9afdd67d3959aad
- SHA256: a0b0aef5c02e61a40b37f0572428fc427a73d8d81015c879452e3b467641d180
- SHA512: 66e2940063916a32e98c0df798be504f740a405c0424d2ff01d55934b890de2efeec0493d0820468ab70c6cfb8d4f3b23879ff32c8f1be39830a2783db2d7eb6
Malware Config
Extracted
trickbot
100010
rob35
-
autorunName:pwgrab
Signatures
Processes
- C:\Users\Admin\AppData\Local\Temp\a0b0aef5c02e61a40b37f0572428fc427a73d8d81015c879452e3b467641d180.exe
  "C:\Users\Admin\AppData\Local\Temp\a0b0aef5c02e61a40b37f0572428fc427a73d8d81015c879452e3b467641d180.exe"
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe
Network
MITRE ATT&CK Matrix
Downloads
-
memory/184-2-0x0000000000000000-mapping.dmp