General
-
Target
Precision.dll
-
Size
263KB
-
Sample
210324-4edbrv7mka
-
MD5
6cd15c65394b3b10a008a295be6636a2
-
SHA1
04dff3ba7efc902331f798ff4100635140e47bd8
-
SHA256
0d3fdc1d1501628d2e0b7a77a8b77c39b6dbf2c4dc9a796cc31b751eda1dfc59
-
SHA512
036939474a315a80ba1c57a12f3d9d7461cc50fa31dea4bcfa03604536a3676e3ebc5bd4c611963688ccd5224e7b84a04f12b90b7a8e2f4c3c556d7f622f717f
Static task
static1
Behavioral task
behavioral1
Sample
Precision.dll
Resource
win7v20201028
Malware Config
Extracted
trickbot
2000027
rob35
174.105.236.140:443
67.79.117.70:443
162.155.225.130:443
70.235.74.189:443
72.164.254.204:443
173.219.76.169:443
98.6.253.142:443
137.27.167.58:443
24.182.101.64:449
50.208.68.153:443
67.212.241.127:443
99.147.197.147:443
216.186.128.26:443
174.105.233.82:443
70.119.220.241:443
70.125.241.196:443
24.153.175.236:443
96.68.79.18:443
75.87.15.158:443
47.190.2.12:443
72.180.57.176:443
173.198.151.86:443
47.51.219.98:443
162.155.10.150:443
162.155.69.74:443
71.15.77.155:443
-
autorunName:pwgrab
Targets
-
-
Target
Precision.dll
-
Size
263KB
-
MD5
6cd15c65394b3b10a008a295be6636a2
-
SHA1
04dff3ba7efc902331f798ff4100635140e47bd8
-
SHA256
0d3fdc1d1501628d2e0b7a77a8b77c39b6dbf2c4dc9a796cc31b751eda1dfc59
-
SHA512
036939474a315a80ba1c57a12f3d9d7461cc50fa31dea4bcfa03604536a3676e3ebc5bd4c611963688ccd5224e7b84a04f12b90b7a8e2f4c3c556d7f622f717f
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-