General
-
Target
7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
-
Size
448KB
-
Sample
220625-fcdndaefan
-
MD5
d225d4aab52217753e4ab2d304a6bdd3
-
SHA1
9b2ec23a722ba5ce3bb5baf4c5be09a514816cb5
-
SHA256
7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
-
SHA512
2a69c0a986c441de386f01c195e459c512fe61d3e8de87faa223f3f8c653988930c31b8c127d887fdbeb591ac03b92929f11e50e8719ba8fcaf2a6784eebf2e8
Static task
static1
Behavioral task
behavioral1
Sample
7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac.exe
Resource
win7-20220414-en
Malware Config
Extracted
Family |
trickbot |
Version |
1000507 |
Botnet |
ono38 |
C2 |
51.89.115.112:443 185.141.27.225:443 151.80.212.114:443 5.182.210.178:443 188.119.113.60:443 91.235.129.199:443 185.234.72.193:443 194.5.250.200:443 185.14.29.141:443 185.99.2.197:443 185.234.72.50:443 194.5.250.201:443 108.170.61.186:443 217.12.209.159:443 185.99.2.44:443 51.89.115.108:443 164.68.120.58:443 164.132.255.19:443 148.251.185.164:443 94.250.250.69:443 94.250.249.170:443 195.123.237.105:443 190.214.13.2:449 181.129.104.139:449 181.112.157.42:449 181.129.134.18:449 131.161.253.190:449 121.100.19.18:449 202.29.215.114:449 171.100.142.238:449 190.136.178.52:449 45.6.16.68:449 110.232.76.39:449 122.50.6.122:449 103.12.161.194:449 36.91.45.10:449 103.227.147.82:449 96.9.77.56:449 103.5.231.188:449 110.93.15.98:449 200.171.101.169:449 |
Attributes |
autorun Name:pwgrab |
ecc_pubkey.base64 |
|
Targets
-
-
Target
7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
-
Size
448KB
-
MD5
d225d4aab52217753e4ab2d304a6bdd3
-
SHA1
9b2ec23a722ba5ce3bb5baf4c5be09a514816cb5
-
SHA256
7f62815f2d8325584e3fe2b28a3705e53ca75abfa13a6b6eae68fc5440c46fac
-
SHA512
2a69c0a986c441de386f01c195e459c512fe61d3e8de87faa223f3f8c653988930c31b8c127d887fdbeb591ac03b92929f11e50e8719ba8fcaf2a6784eebf2e8
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation