General
-
Target
subzero.png.dll
-
Size
706KB
-
Sample
211021-sxrf7aaeb3
-
MD5
a3e7540eaef734b4f74c23bfda1023a0
-
SHA1
377859b3d44cd40f21fb20b682169b447c0e8fb2
-
SHA256
65234c8a08c9a5e2e81af11e4be56eaee3ec00c9063069ab9d97770d6f31ba6b
-
SHA512
84e0aea7b15608d59401c3124c82bc599a629e6d4f95b75c58d8bb204071acc2c40160ca5a3a50553c2c472401fb51513530e7f28fbb5531321216577c1657b3
Static task
static1
Behavioral task
behavioral1
Sample
subzero.png.dll
Resource
win7-en-20210920
Malware Config
Extracted
trickbot
100019
rob136
-
autorun
Name: pwgrabb
Name: pwgrabc
Targets
-
-
Target
subzero.png.dll
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-