Analysis
- max time kernel: 151s
- max time network: 156s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 01-07-2022 06:27
Static task
static1
Behavioral task
behavioral1
Sample
da75bffa697de8d12806a2141cf2099a2c39f0b5bc259586fa22911082513aa6.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
- Target: da75bffa697de8d12806a2141cf2099a2c39f0b5bc259586fa22911082513aa6.exe
- Size: 296KB
- MD5: 884b9ba2a87f49828659b2c5a01c0dae
- SHA1: 9ab732009d02f9b82ec02e4dbbd92106652ddb77
- SHA256: da75bffa697de8d12806a2141cf2099a2c39f0b5bc259586fa22911082513aa6
- SHA512: 810dc40fe36179abec96a4cce45e340710cab605b0c2eb89a57679c75318c1c58003c59db1beed3d96af872a481a6b84b01b8fe7833db6808744f2154afba203
Malware Config
Signatures
- Trickbot x86 loader (2 IoCs)
  Detected Trickbot's x86 loader that unpacks the x86 payload.
  Processes:
    resource    yara_rule
    behavioral2/memory/4912-130-0x0000000002270000-0x0000000002279000-memory.dmp    trickbot_loader32
    behavioral2/memory/4912-131-0x0000000002270000-0x0000000002279000-memory.dmp    trickbot_loader32
- Suspicious use of SetWindowsHookEx (1 IoCs)
  Processes:
    da75bffa697de8d12806a2141cf2099a2c39f0b5bc259586fa22911082513aa6.exe
    pid    process
    4912    da75bffa697de8d12806a2141cf2099a2c39f0b5bc259586fa22911082513aa6.exe