Analysis
-
max time kernel
152s -
max time network
121s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
26-01-2022 14:54
Static task
static1
Behavioral task
behavioral1
Sample
63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563.exe
Resource
win10-en-20211208
General
-
Target
63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563.exe
-
Size
82KB
-
MD5
473cf9aad97cfa60a5e7c0f548b31054
-
SHA1
a55d70047a57dad83177dcdd18e3af3bed709f32
-
SHA256
63da5f977c3e0f1c30e82bf3956ab14842499d82ee73de9b52341269a355a563
-
SHA512
725ff211c971ea4cb97e6a222154a714cd8ab348c5a3f7ec839c01588c1bddeafddca6afb9eeb6e0e04019a8fae9bbdd4981a7cc77ba23c3518b222b381a3876
Malware Config
Extracted
nworm
v0.3.8
127.0.0.1:3333
99241667
Signatures
-
NWorm
A TrickBot module used to propagate to vulnerable domain controllers.