General
-
Target
mon48_cr.dll
-
Size
329KB
-
Sample
220522-gaphjabdhl
-
MD5
48cab21fcbe254e7c83f4c1d455a39dc
-
SHA1
b96c1f765abb14eb401cacab6f6e203c3a255df9
-
SHA256
f1b9d5520ba13179e19b336e542d18b0bd9f39a2b41d88a739625c8480422b73
-
SHA512
0375a26a2d6d8990d202b75b4cb6797d03300ddc077c4dcb05778365212644ee49ce6e437fde0b77e1b8179d01ffad028635869d2f3897333b85471724d15ebc
Static task
static1
Behavioral task
behavioral1
Sample
mon48_cr.dll
Resource
win7-20220414-en
Malware Config
Extracted
trickbot
100011
mon48
-
autorunName:pwgrab
Targets
-
Target
mon48_cr.dll
-
suricata: ET MALWARE Win32/TrickBot CnC Initial Checkin M2
-