DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
tirckBot_fixed_04D60000.bin.dll
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
tirckBot_fixed_04D60000.bin.dll
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
tirckBot_fixed_04D60000.bin
-
Size
2.1MB
-
MD5
6d40412e4dc3bdd43615d84b4e7777f5
-
SHA1
94b3f503724b9d0c24a4e06c129af8846125a2c5
-
SHA256
4305827d45feb5eb49479582d15b1bc3ef1135d544f6c4ac0829014b06e81fd7
-
SHA512
a64d7dfc622e0c5c0719702cf13a2fdf380b101dcb25363010c38b2cf1bb364d095ed10fcecaa9e76a2caafc5b5c335d51f8d69d06e7bacecc62ce086b16cc4c
Score
9/10
Malware Config
Signatures
-
Templ.dll packer 1 IoCs
Detects Templ.dll packer which usually loads Trickbot.
Processes:
resource yara_rule sample templ_dll
Files
-
tirckBot_fixed_04D60000.bin.dll windows x86 regsvr32
Exports
Exports