General

  • Target

    569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897.bin

  • Size

    16KB

  • Sample

    220126-r9tlmseahk

  • MD5

    e0b2e3bfe7bb0d1e0299b92039959d25

  • SHA1

    58c5d065b3be45b6ad8eb649c8987a2370f2b6a0

  • SHA256

    569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897

  • SHA512

    0a3ebbd64f44c503509db74f75286af18a8f79534fea692e547f4669eeb132219e953fa935ae836712a1a617d558e346712a841bb29f39c00bb00a00e19906ad

Score
10/10

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

127.0.0.1:1111

Mutex

c8351ca1

Targets

    • Target

      569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897.bin

    • Size

      16KB

    • MD5

      e0b2e3bfe7bb0d1e0299b92039959d25

    • SHA1

      58c5d065b3be45b6ad8eb649c8987a2370f2b6a0

    • SHA256

      569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897

    • SHA512

      0a3ebbd64f44c503509db74f75286af18a8f79534fea692e547f4669eeb132219e953fa935ae836712a1a617d558e346712a841bb29f39c00bb00a00e19906ad

    Score
    10/10
    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.

MITRE ATT&CK Matrix

Tasks