nworm | 63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563 | Triage

Sharing

General

Target

63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563.bin
Size

82KB
Sample

220126-r9we8seeg4
MD5

473cf9aad97cfa60a5e7c0f548b31054
SHA1

a55d70047a57dad83177dcdd18e3af3bed709f32
SHA256

63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563
SHA512

725ff211c971ea4cb97e6a222154a714cd8ab348c5a3f7ec839c01588c1bddeafddca6afb9eeb6e0e04019a8fae9bbdd4981a7cc77ba23c3518b222b381a3876

Score

10^/10

nworm downloader worm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

127.0.0.1:3333

Mutex

99241667

Targets

- Target
  
  63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563.bin
- Size
  
  82KB
- MD5
  
  473cf9aad97cfa60a5e7c0f548b31054
- SHA1
  
  a55d70047a57dad83177dcdd18e3af3bed709f32
- SHA256
  
  63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563
- SHA512
  
  725ff211c971ea4cb97e6a222154a714cd8ab348c5a3f7ec839c01588c1bddeafddca6afb9eeb6e0e04019a8fae9bbdd4981a7cc77ba23c3518b222b381a3876
Score

10^/10

nworm downloader worm
- NWorm
  A TrickBot module used to propagate to vulnerable domain controllers.
  worm downloader nworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

nwormdownloaderworm

behavioral2

nwormdownloaderworm