Overview

overview

10

Static

static

10

07d998fb1a...c1.exe

windows7_x64

10

07d998fb1a...c1.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07d998fb1a327ee7a02638aa98df51205eecb20af8a41e0b614e4437ded6bcc1.bin

  • Size

    16KB

  • Sample

    220126-r9rr2seef6

  • MD5

    7935ea749427fed0f89cb84d1bba9565

  • SHA1

    eb000b510d984b3173fc9e425612d3e87386b92a

  • SHA256

    07d998fb1a327ee7a02638aa98df51205eecb20af8a41e0b614e4437ded6bcc1

  • SHA512

    ada60652c4a6fb5c3661261bc53a2667c3f8b7aefe4cbf6eb1a803fcf3e742f8aecb86625ce3256a8b1b4166465ce4756e82397ac15d5b2a605fb0e35f3c236e

Score
10/10
nwormdownloaderworm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

66.70.242.36:8080

127.0.0.0:8080
Mutex

857b4867

Targets

    • Target

      07d998fb1a327ee7a02638aa98df51205eecb20af8a41e0b614e4437ded6bcc1.bin

    • Size

      16KB

    • MD5

      7935ea749427fed0f89cb84d1bba9565

    • SHA1

      eb000b510d984b3173fc9e425612d3e87386b92a

    • SHA256

      07d998fb1a327ee7a02638aa98df51205eecb20af8a41e0b614e4437ded6bcc1

    • SHA512

      ada60652c4a6fb5c3661261bc53a2667c3f8b7aefe4cbf6eb1a803fcf3e742f8aecb86625ce3256a8b1b4166465ce4756e82397ac15d5b2a605fb0e35f3c236e

    Score
    10/10
    nwormdownloaderworm

    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.

      wormdownloadernworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks