General
-
Target
5efb96495538937fe47d41b0d7e98db37de61e6f593d349238286df075c1397c
-
Size
773KB
-
Sample
220128-wevmnshffp
-
MD5
11a4513b7341d681cdb11165ba0dcee5
-
SHA1
e2e21411d286ffe7e2515f9ad917e3d0d43d6caa
-
SHA256
5efb96495538937fe47d41b0d7e98db37de61e6f593d349238286df075c1397c
-
SHA512
c1883c8827f529b1e9ded7db7c9e3da064e51d5f5a77ee02ffa8aed2e7973f92c556f6662ea76fadafefa63e1374607683f49111e96bb81f40b84a778ef579c4
Static task
static1
Behavioral task
behavioral1
Sample
5efb96495538937fe47d41b0d7e98db37de61e6f593d349238286df075c1397c.exe
Resource
win7-en-20211208
Malware Config
Extracted
trickbot
1000480
trgt5688
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
-
autorunControl:GetSystemInfoName:systeminfoName:pwgrab
Targets
-
-
Target
5efb96495538937fe47d41b0d7e98db37de61e6f593d349238286df075c1397c
-
Size
773KB
-
MD5
11a4513b7341d681cdb11165ba0dcee5
-
SHA1
e2e21411d286ffe7e2515f9ad917e3d0d43d6caa
-
SHA256
5efb96495538937fe47d41b0d7e98db37de61e6f593d349238286df075c1397c
-
SHA512
c1883c8827f529b1e9ded7db7c9e3da064e51d5f5a77ee02ffa8aed2e7973f92c556f6662ea76fadafefa63e1374607683f49111e96bb81f40b84a778ef579c4
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Executes dropped EXE
-
Loads dropped DLL
-