nworm | 68c2217c94a19655ebc79c469071d11f0b731f4ca39f15631a641375fae4a2a5 | Triage

Sharing

General

Target

68c2217c94a19655ebc79c469071d11f0b731f4ca39f15631a641375fae4a2a5.bin
Size

16KB
Sample

220126-r9wq1aeahp
MD5

dafc7c426550a5df091c08a2a311a8d5
SHA1

c8e08eafa8fe6d53a1e43bcdbf9ef44d5978428b
SHA256

68c2217c94a19655ebc79c469071d11f0b731f4ca39f15631a641375fae4a2a5
SHA512

36938621c89788e51e55cd63a6fcb84195202d9ab1772057030bda102618739190f71a46c015ae0d855eb8d2e42d9e222e3ef3ffd19dd221ec08de89946e862c

Score

10^/10

nworm downloader worm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

Jonathin8068-24257.portmap.host:60149

Mutex

43808f53

Targets

- Target
  
  68c2217c94a19655ebc79c469071d11f0b731f4ca39f15631a641375fae4a2a5.bin
- Size
  
  16KB
- MD5
  
  dafc7c426550a5df091c08a2a311a8d5
- SHA1
  
  c8e08eafa8fe6d53a1e43bcdbf9ef44d5978428b
- SHA256
  
  68c2217c94a19655ebc79c469071d11f0b731f4ca39f15631a641375fae4a2a5
- SHA512
  
  36938621c89788e51e55cd63a6fcb84195202d9ab1772057030bda102618739190f71a46c015ae0d855eb8d2e42d9e222e3ef3ffd19dd221ec08de89946e862c
Score

10^/10

nworm downloader worm
- NWorm
  A TrickBot module used to propagate to vulnerable domain controllers.
  worm downloader nworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

nwormdownloaderworm

behavioral2

nwormdownloaderworm