General
-
Target
b5ef0dd86a3fb068a1eef951a9e9bcd1.exe
-
Size
630KB
-
Sample
210116-yfbgweax36
-
MD5
b5ef0dd86a3fb068a1eef951a9e9bcd1
-
SHA1
098e8b092629f8b1ab59d20b4ebbe39725b2064b
-
SHA256
b6af20ac6ddedad4f914bcb11c08e5399a4aadade16365bae3a5cb1611371e89
-
SHA512
45b1477ba4900eaae9731a5f182ff566ba1b9c023db5a0a251779956ea6c2167a4175c182d977b210ec056233237c31981a32593e089ac97418d656678e8fb73
Static task
static1
Malware Config
Extracted
trickbot
100010
rob38
-
autorunName:pwgrab
Targets
-
-
Target
b5ef0dd86a3fb068a1eef951a9e9bcd1.exe
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-