Analysis
max time kernel
4s
max time network
12s
platform
windows7_x64
resource
win7v20210408
submitted
11-05-2021 18:05
Behavioral task
behavioral1
Sample
TrickBot_04F60000.bin.dll
Resource
win7v20210408
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
TrickBot_04F60000.bin.dll
Resource
win10v20210408
0 signatures
0 seconds
General
Target
TrickBot_04F60000.bin.dll
Size
220KB
MD5
6b8363dee5ebf062c75e51fc9b0b61b9
SHA1
41bd1f66766de320ad6c90b2980b85505b440680
SHA256
a2c3dd2934c9adaeebd6948e2e18f61e680e3baf0b9494ee5e9ff0ed407634d7
SHA512
84d6406c2c817efca56560a597b9e0d685c00516e0963ae8c1355da0278caae6249ceb9d487dfef39446e41a9dcf9dcd9760fdb83b0f2739df58cfc3c45f7afc
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
regsvr32.exe
description                        pid   process       target process
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe
PID 1944 wrote to memory of 1988   1944  regsvr32.exe  regsvr32.exe