General
-
Target
4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
-
Size
784KB
-
Sample
220128-vvnzdshdd5
-
MD5
f43b8aa0900c9257d2e0fd93981f6443
-
SHA1
fdb92c349397ef25f5a674f57c66a9d03d4eb149
-
SHA256
4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
-
SHA512
a8499f8e6c2a32fce98f2d7582059b64e2d4a1accee246bcce46bd1660d6cd1213e452c4ea0d3fda9a64c232994122e2624b79d08cec750afc76408c60af2fa1
Static task
static1
Behavioral task
behavioral1
Sample
4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec.exe
Resource
win7-en-20211208
Malware Config
Extracted
trickbot
1000480
trgt5688
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
-
autorun Control:GetSystemInfo Name:systeminfo Name:pwgrab
Targets
-
-
Target
4b8f17d0b516f536d4bafce957990b494f1651b130827c2d066e2c4e592f44ec
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Executes dropped EXE
-
Loads dropped DLL
-