General
-
Target
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
Size
364KB
-
Sample
220625-jcm4ladeb7
-
MD5
cec86610ef0e41f843f408bfb2d53486
-
SHA1
480cf2003f147392f6e4443631350e2e1f364d9f
-
SHA256
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
SHA512
b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca
Static task
static1
Behavioral task
behavioral1
Sample
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a.exe
Resource
win7-20220414-en
Malware Config
Extracted
Family |
trickbot |
Version |
1000507 |
Botnet |
ono38 |
C2 |
51.89.115.112:443 185.141.27.225:443 151.80.212.114:443 5.182.210.178:443 188.119.113.60:443 91.235.129.199:443 185.234.72.193:443 194.5.250.200:443 185.14.29.141:443 185.99.2.197:443 185.234.72.50:443 194.5.250.201:443 108.170.61.186:443 217.12.209.159:443 185.99.2.44:443 51.89.115.108:443 164.68.120.58:443 164.132.255.19:443 148.251.185.164:443 94.250.250.69:443 94.250.249.170:443 195.123.237.105:443 190.214.13.2:449 181.129.104.139:449 181.112.157.42:449 181.129.134.18:449 131.161.253.190:449 121.100.19.18:449 202.29.215.114:449 171.100.142.238:449 190.136.178.52:449 45.6.16.68:449 110.232.76.39:449 122.50.6.122:449 103.12.161.194:449 36.91.45.10:449 103.227.147.82:449 96.9.77.56:449 103.5.231.188:449 110.93.15.98:449 200.171.101.169:449 |
Attributes |
autorun Name:pwgrab |
ecc_pubkey.base64 |
|
Targets
-
-
Target
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
Size
364KB
-
MD5
cec86610ef0e41f843f408bfb2d53486
-
SHA1
480cf2003f147392f6e4443631350e2e1f364d9f
-
SHA256
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
SHA512
b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation