General
Target: c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
Size: 881KB
Sample: 220128-xmlv6sbch8
MD5: 59ccde8ff080314a8568b0f909037ca2
SHA1: acf6ab5b9a983c70864f0c95790d85d257ceb528
SHA256: c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
SHA512: 6f5b69bf9ba0d987c998fca02f1a572147c850085764334971310a9d05378eb40bd85eb7cb49d9863f3b6101716a5d3c69e7a23292b653a92a9f107c2aace9a2
Static task: static1
Behavioral task: behavioral1
Sample: c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9.exe
Resource: win7-en-20211208
Malware Config
Extracted
trickbot
1000479
trgt98888
192.3.104.46:443
23.94.233.210:443
172.82.152.126:443
192.3.247.11:443
202.29.215.114:449
-
autorunControl:GetSystemInfoName:systeminfoName:pwgrab
Targets
Target
c28522e02d279c2fdb47d79b98976d2cf63347121dbbb467e12ce0eafb4369b9
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Executes dropped EXE
-
Loads dropped DLL
-