Analysis
-
max time kernel
170s -
max time network
168s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
26-01-2022 14:53
Static task
static1
Behavioral task
behavioral1
Sample
569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897.exe
Resource
win10-en-20211208
General
-
Target
569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897.exe
-
Size
16KB
-
MD5
e0b2e3bfe7bb0d1e0299b92039959d25
-
SHA1
58c5d065b3be45b6ad8eb649c8987a2370f2b6a0
-
SHA256
569576bc9e4cc25c0e01e57a76072605e5521aecd49f17ce6a02a515ec809897
-
SHA512
0a3ebbd64f44c503509db74f75286af18a8f79534fea692e547f4669eeb132219e953fa935ae836712a1a617d558e346712a841bb29f39c00bb00a00e19906ad
Malware Config
Extracted
nworm
v0.3.8
127.0.0.1:1111
c8351ca1
Signatures
-
NWorm
A TrickBot module used to propagate to vulnerable domain controllers.