trickbot | 94ffc5fde8cddb3e28ea1a17914b9120b5158f058eecc993d9b8e5a378d98a3c

General

Target

94ffc5fde8cddb3e28ea1a17914b9120b5158f058eecc993d9b8e5a378d98a3c
Size

193KB
MD5

03e207d529998465a72ee7376bc5b180
SHA1

47a3edb81733b70e9c656ee1ba5d4c1944e8a111
SHA256

94ffc5fde8cddb3e28ea1a17914b9120b5158f058eecc993d9b8e5a378d98a3c
SHA512

6c0c01cc8bd312f207c8158c375b8cbb96fa1da9317d11c6a39cafdb329bb02f15b6ebc2606d17af108b46b753e2ee8e0d0ff59fc0ff0463efafeda81b5ec913
SSDEEP

3072:Uft8GtnraYPomTTT7EHs/UarNe6QBRSc47K9phv8tFfhtRI1mTjKzV250FielM2y:aemjEHSJ09GIphvSFf7ZCY50HldDW

Score

10^/10

chil6 trickbot

Malware Config

Extracted

Family

trickbot

Version

1000501

Botnet

chil6

C2

5.182.210.226:443

5.182.210.120:443

185.65.202.183:443

212.80.217.243:443

85.143.218.249:443

194.5.250.178:443

198.15.119.121:443

107.175.87.142:443

185.14.31.72:443

188.165.62.2:443

194.5.250.179:443

198.15.119.71:443

185.14.29.4:443

185.99.2.202:443

192.3.193.162:443

89.191.234.89:443

195.54.32.12:443

31.131.21.30:443

5.34.177.194:443

190.214.13.2:449

Attributes

autorun
Name:pwgrab

ecc_pubkey.base64

Signatures

Trickbot family
trickbot

Files

94ffc5fde8cddb3e28ea1a17914b9120b5158f058eecc993d9b8e5a378d98a3c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 193KB - Virtual size: 192KB

.text
Size: 193KB - Virtual size: 192KB