General
-
Target
vacug12?time=VStv0kfzBMXCqz4JHwyu80T1Y&id=Upsdbw7Auwv44gzhC6NjnR9L3T5H
-
Size
542KB
-
Sample
210913-veze7aebb9
-
MD5
d4f34109b99b85bc400a804b1abb1ab4
-
SHA1
fe92e2dd70b3c948298112c5597bc8060dfecc4f
-
SHA256
6ff9d029693fdf8913c1aaae164a36896f5459050c85caa3da6cf82b9e4d9df8
-
SHA512
2c9aeafd3c7514a6879798a13b41ba5320a8f1bc946c6c82e5317e699f695c01727078a775110d647b93260545633d8e8b2e9495c232f645614a53385e087bdb
Static task
static1
Behavioral task
behavioral1
Sample
vacug12?time=VStv0kfzBMXCqz4JHwyu80T1Y&id=Upsdbw7Auwv44gzhC6NjnR9L3T5H.dll
Resource
win7-en
Behavioral task
behavioral2
Sample
vacug12?time=VStv0kfzBMXCqz4JHwyu80T1Y&id=Upsdbw7Auwv44gzhC6NjnR9L3T5H.dll
Resource
win10v20210408
Malware Config
Extracted
trickbot
2000033
zem1
-
autorun
Name:pwgrabb
Name:pwgrabc
Targets
-
-
Target
vacug12?time=VStv0kfzBMXCqz4JHwyu80T1Y&id=Upsdbw7Auwv44gzhC6NjnR9L3T5H
-
Drops file in System32 directory
-