General

  • Target

    2633abb800c264c6193fc4afecbb44df272f1db8d332eec1bb9adcd993c97e3d.bin

  • Size

    17KB

  • Sample

    220126-szjjcseefr

  • MD5

    567a432113ebf6eca6942685a0ce312e

  • SHA1

    9fcca30ee68b33d36a6da325f1fd460483b686ee

  • SHA256

    2633abb800c264c6193fc4afecbb44df272f1db8d332eec1bb9adcd993c97e3d

  • SHA512

    c91076b0ff21cd40b5ae3c498d37a8a8554a9ac0dfa8a28ae350487dc99994d4c02fcfcec932640d481ce8ada49ed5b14ec5b601a0ee1f390abcfaed63cb3512

Score
10/10

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

141.255.151.126:54984

Mutex

87ca7a0e

Targets

    • Target

      2633abb800c264c6193fc4afecbb44df272f1db8d332eec1bb9adcd993c97e3d.bin

    • Size

      17KB

    • MD5

      567a432113ebf6eca6942685a0ce312e

    • SHA1

      9fcca30ee68b33d36a6da325f1fd460483b686ee

    • SHA256

      2633abb800c264c6193fc4afecbb44df272f1db8d332eec1bb9adcd993c97e3d

    • SHA512

      c91076b0ff21cd40b5ae3c498d37a8a8554a9ac0dfa8a28ae350487dc99994d4c02fcfcec932640d481ce8ada49ed5b14ec5b601a0ee1f390abcfaed63cb3512

    Score
    10/10
    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.

MITRE ATT&CK Matrix

Tasks