Analysis
-
max time kernel
151s -
max time network
146s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
26-01-2022 14:53
Static task
static1
Behavioral task
behavioral1
Sample
40a77ce9110c003d0821ffa4812eea8372631e63de2d655a05090062b483137b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
40a77ce9110c003d0821ffa4812eea8372631e63de2d655a05090062b483137b.exe
Resource
win10-en-20211208
General
-
Target
40a77ce9110c003d0821ffa4812eea8372631e63de2d655a05090062b483137b.exe
-
Size
16KB
-
MD5
00387b3afdee43a322534b15a6d1e8ca
-
SHA1
4b3cdd9641e3e8ab61ffb3cae048b24521f61726
-
SHA256
40a77ce9110c003d0821ffa4812eea8372631e63de2d655a05090062b483137b
-
SHA512
df9ed64408ac1e0b11856d20306c4adabbbad9be6aa7c3fb78c1ce28f43d480f3130b47929291476dabc19998a65385d9ac73cca4de8a7ade3f2a31c23fa7a5e
Malware Config
Extracted
nworm
v0.3.8
20.188.45.59:4782
da665cb6
Signatures
-
NWorm
A TrickBot module used to propagate to vulnerable domain controllers.