General
-
Target
055038bf80ad77b090c01e7f2ef8b2d32ff42087e0a68389b4892c1dd63056b6
-
Size
970KB
-
Sample
210218-c7dxsvgkd6
-
MD5
95d4b9e71d85a6ad9ccd40d232a505d3
-
SHA1
ea45a137e592668e67c2116395799a3acd14b31a
-
SHA256
055038bf80ad77b090c01e7f2ef8b2d32ff42087e0a68389b4892c1dd63056b6
-
SHA512
c0f837c8fc09803622531efc15050c9eab4ffba78c79114295957ac27efa56023fe003eb188f96c5a774c5f73acb2994443bd979502395b13dd0f020840e9d4a
Static task
static1
Behavioral task
behavioral1
Sample
055038bf80ad77b090c01e7f2ef8b2d32ff42087e0a68389b4892c1dd63056b6.exe
Resource
win7v20201028
Malware Config
Extracted
trickbot
100010
rob35
5.34.180.180:443
64.74.160.228:443
198.46.198.116:443
5.34.180.185:443
107.152.46.188:443
195.123.241.214:443
23.254.224.2:443
107.172.188.113:443
200.52.147.93:443
185.198.59.45:443
45.14.226.101:443
185.82.126.38:443
85.204.116.139:443
45.155.173.248:443
103.91.244.50:443
45.230.244.20:443
45.226.124.226:443
187.84.95.6:443
186.250.157.116:443
186.137.85.76:443
36.94.62.207:443
182.253.107.34:443
180.92.158.244:443
-
autorunName:pwgrab
Targets
-
-
Target
055038bf80ad77b090c01e7f2ef8b2d32ff42087e0a68389b4892c1dd63056b6
-
Size
970KB
-
MD5
95d4b9e71d85a6ad9ccd40d232a505d3
-
SHA1
ea45a137e592668e67c2116395799a3acd14b31a
-
SHA256
055038bf80ad77b090c01e7f2ef8b2d32ff42087e0a68389b4892c1dd63056b6
-
SHA512
c0f837c8fc09803622531efc15050c9eab4ffba78c79114295957ac27efa56023fe003eb188f96c5a774c5f73acb2994443bd979502395b13dd0f020840e9d4a
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Blocklisted process makes network request
-