General
-
Target
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
Size
364KB
-
Sample
220625-jcm4ladeb7
-
MD5
cec86610ef0e41f843f408bfb2d53486
-
SHA1
480cf2003f147392f6e4443631350e2e1f364d9f
-
SHA256
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
SHA512
b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca
Static task
static1
Behavioral task
behavioral1
Sample
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a.exe
Resource
win7-20220414-en
Malware Config
Extracted
trickbot
1000507
ono38
51.89.115.112:443
185.141.27.225:443
151.80.212.114:443
5.182.210.178:443
188.119.113.60:443
91.235.129.199:443
185.234.72.193:443
194.5.250.200:443
185.14.29.141:443
185.99.2.197:443
185.234.72.50:443
194.5.250.201:443
108.170.61.186:443
217.12.209.159:443
185.99.2.44:443
51.89.115.108:443
164.68.120.58:443
164.132.255.19:443
148.251.185.164:443
94.250.250.69:443
94.250.249.170:443
195.123.237.105:443
190.214.13.2:449
181.129.104.139:449
181.112.157.42:449
181.129.134.18:449
131.161.253.190:449
121.100.19.18:449
202.29.215.114:449
171.100.142.238:449
190.136.178.52:449
45.6.16.68:449
110.232.76.39:449
122.50.6.122:449
103.12.161.194:449
36.91.45.10:449
103.227.147.82:449
96.9.77.56:449
103.5.231.188:449
110.93.15.98:449
200.171.101.169:449
-
autorunName:pwgrab
Targets
-
-
Target
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
Size
364KB
-
MD5
cec86610ef0e41f843f408bfb2d53486
-
SHA1
480cf2003f147392f6e4443631350e2e1f364d9f
-
SHA256
ee07e8c21a1cca68eb6cb14ce2b8f768e3f6e11f492e1c8ecca963b8c9685e7a
-
SHA512
b32e9e6c6f4945d759be10506c53f16052efd27da9c994af1c8782764444ec25a9217b8d110c9e0929843c44a1dcc261632f8ad0956f908734a0d29de461bdca
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-