Overview

overview

10

Static

static

10

162be825ad...1d.exe

windows7_x64

10

162be825ad...1d.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    162be825adc37d92d3d43d15b6bf960f67d0aab3fa6e854034f396074582ff1d.bin

  • Size

    17KB

  • Sample

    220126-r9sdkseagm

  • MD5

    387d598af1ab8e2f3c611d5df5e4c441

  • SHA1

    9bdee4fe605b4a35c923c53530ccb2eda98f3e09

  • SHA256

    162be825adc37d92d3d43d15b6bf960f67d0aab3fa6e854034f396074582ff1d

  • SHA512

    c32298a93be95e8c112d8bd49222df8b79530e25e198f8df8c2f8834b2d9a745cab9c982c8f239293ea373c71fbe22e179c5ab9091ba9a66917a28dd1c6dd7a6

Score
10/10
nwormdownloaderworm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

127.0.0.1:1133

Mutex

d6918d59

Targets

    • Target

      162be825adc37d92d3d43d15b6bf960f67d0aab3fa6e854034f396074582ff1d.bin

    • Size

      17KB

    • MD5

      387d598af1ab8e2f3c611d5df5e4c441

    • SHA1

      9bdee4fe605b4a35c923c53530ccb2eda98f3e09

    • SHA256

      162be825adc37d92d3d43d15b6bf960f67d0aab3fa6e854034f396074582ff1d

    • SHA512

      c32298a93be95e8c112d8bd49222df8b79530e25e198f8df8c2f8834b2d9a745cab9c982c8f239293ea373c71fbe22e179c5ab9091ba9a66917a28dd1c6dd7a6

    Score
    10/10
    nwormdownloaderworm

    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.

      wormdownloadernworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks