General
Target: 194f14146ed498074cb229f3941740463913e79bc4a08a765f2ffd490dfbbdd0
Size: 770KB
Sample: 220128-v6dmsshddm
MD5: c260778d9f42f41fb6cec732da7ffb1e
SHA1: eea8449c46eb6e3cd22009b90b84e0498147bd3e
SHA256: 194f14146ed498074cb229f3941740463913e79bc4a08a765f2ffd490dfbbdd0
SHA512: c94f3fa4f1c1852f252edf8d875fee1aa387e80da9229db3b40661a0c53e1f86b2d71f635197b57d112749f557ef28ea36edf261194bd7a85c0bd51b4fa8ab86
Static task: static1
Behavioral task: behavioral1
Sample: 194f14146ed498074cb229f3941740463913e79bc4a08a765f2ffd490dfbbdd0.exe
Resource: win7-en-20211208
Malware Config
Extracted
trickbot
1000480
trgt5688
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
-
autorun Control:GetSystemInfo Name:systeminfo Name:pwgrab
Targets
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Executes dropped EXE
-
Loads dropped DLL
-