General
-
Target
a085aab6c4d8cbc72954160639bb876d0531595a5baa2ff3321b323a55b13560
-
Size
768KB
-
Sample
210511-cbz29z88x6
-
MD5
958f2d2965ef9b6b23134513688d36aa
-
SHA1
5929406e2f36f8ad79c45ace27e437d6023fb638
-
SHA256
a085aab6c4d8cbc72954160639bb876d0531595a5baa2ff3321b323a55b13560
-
SHA512
56cbf9d0875e603ce3af6948e387043644c54481c3ddd99441686dc530164046e243f644b7aad00b215186b6b9f9d2e6772213da901176858bd6c4fe1b2a7a05
Static task
static1
Behavioral task
behavioral1
Sample
a085aab6c4d8cbc72954160639bb876d0531595a5baa2ff3321b323a55b13560.dll
Resource
win7v20210410
Malware Config
Extracted
trickbot
100013
mon123
-
autorunName:pwgrab
Targets
-
Templ.dll packer
Detects Templ.dll packer which usually loads Trickbot.
-