General
Target: 48d30cefb261ea22a099e934c000a306e68cdcc297a75785fb2c1b0a5f9c6e67
Size: 752KB
Sample: 220128-wcnfkshehq
MD5: 424cba4de93616e73d1e02a267ae2db5
SHA1: e66aa75268fea36ad8c5bfac413f948c7f508c0a
SHA256: 48d30cefb261ea22a099e934c000a306e68cdcc297a75785fb2c1b0a5f9c6e67
SHA512: 33308c61f0112cf05634a6c00f7c7fa80d7093f988506a750f7c5b49d738151008a91402cd2ee1d88ca134e3c9f34faea49451ae40f5399186fa0b9f500fcf19
Static task: static1
Behavioral task: behavioral1
Sample: 48d30cefb261ea22a099e934c000a306e68cdcc297a75785fb2c1b0a5f9c6e67.exe
Resource: win7-en-20211208
Malware Config
Extracted
trickbot
1000480
trgt5688
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
autorun Control:GetSystemInfo Name:systeminfo Name:pwgrab
Targets
Target: 48d30cefb261ea22a099e934c000a306e68cdcc297a75785fb2c1b0a5f9c6e67
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
Executes dropped EXE
Loads dropped DLL