General
Target: 5b99daa58d2f59f7066c1d0ce82884217e3ad693d6f5f26ed351f96754a790cb
Size: 424KB
Sample: 220708-kfdvrsbeb9
MD5: a0c729c01ea861b5a20294303a612b9f
SHA1: ae122915a28c02908e1088670914962b827c42e0
SHA256: 5b99daa58d2f59f7066c1d0ce82884217e3ad693d6f5f26ed351f96754a790cb
SHA512: 976ec722e3c459b5a7158a9b5fc5414b7d40b5ad636e3b1cac8b3911f5b2cf2ccb8fa0c87d5c384f4d8bca5f564d44e178a0e6e491055d470ae95d333a568a6a
Static task: static1
Behavioral task: behavioral1
Sample: 5b99daa58d2f59f7066c1d0ce82884217e3ad693d6f5f26ed351f96754a790cb.exe
Resource: win7-20220414-en
Malware Config
Extracted
trickbot
100009
lib5
-
autorunName:pwgrab
Targets
-
suricata: ET MALWARE Win32/TrickBot CnC Initial Checkin M2
-
Executes dropped EXE
-
Loads dropped DLL
-