nworm | 969bf85fa53fdd3a9ff05742f1c4bc07a47548df1919b9eea97e497bd93fa3fe | Triage

Sharing

General

Target

969bf85fa53fdd3a9ff05742f1c4bc07a47548df1919b9eea97e497bd93fa3fe.bin
Size

16KB
Sample

220126-r9yklaebaj
MD5

be406519fff73c410739350f866dc170
SHA1

be287ac93ec8fb38027bbfc012d16cd0bdf2e202
SHA256

969bf85fa53fdd3a9ff05742f1c4bc07a47548df1919b9eea97e497bd93fa3fe
SHA512

c922f45bfa948091c840bd3d4f4a9412487dbfda938be56563c91e0cf144d941e89038637d28bc95f865606bd593b870faa388db1797491e6504160c4f96465b

Score

10^/10

nworm downloader worm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

193.161.193.99:8068

Mutex

20a611a2

Targets

- Target
  
  969bf85fa53fdd3a9ff05742f1c4bc07a47548df1919b9eea97e497bd93fa3fe.bin
- Size
  
  16KB
- MD5
  
  be406519fff73c410739350f866dc170
- SHA1
  
  be287ac93ec8fb38027bbfc012d16cd0bdf2e202
- SHA256
  
  969bf85fa53fdd3a9ff05742f1c4bc07a47548df1919b9eea97e497bd93fa3fe
- SHA512
  
  c922f45bfa948091c840bd3d4f4a9412487dbfda938be56563c91e0cf144d941e89038637d28bc95f865606bd593b870faa388db1797491e6504160c4f96465b
Score

10^/10

nworm downloader worm
- NWorm
  A TrickBot module used to propagate to vulnerable domain controllers.
  worm downloader nworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

nwormdownloaderworm

behavioral2

nwormdownloaderworm