General
Target: 6d64abd7986e0caefe99c4c11f23ee79dc583b5ae8667b44b224cbc2ed5587db
Size: 773KB
Sample: 220128-wfvn3ahgan
MD5: 5d273b044a3b380dd35d8acbc21b85ec
SHA1: e133981f3a5c1c9341218a93dcf1cd0ac7374c34
SHA256: 6d64abd7986e0caefe99c4c11f23ee79dc583b5ae8667b44b224cbc2ed5587db
SHA512: 31d666008796d9625d35e97f8dd8ce28801cd65a4b26c85089ae770fa5970e8cd575bbf4975945ba3968cae6c2223fbf7449324ae64a91dad05ddc73bf364724
Static task: static1
Behavioral task: behavioral1
Sample: 6d64abd7986e0caefe99c4c11f23ee79dc583b5ae8667b44b224cbc2ed5587db.exe
Resource: win7-en-20211208
Malware Config
Extracted
trickbot
1000480
trgt5688
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
autorun
Control:GetSystemInfo
Name:systeminfo
Name:pwgrab
Targets
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
Executes dropped EXE
Loads dropped DLL