General
Target: def23945edd5c886e15be93a90595e1c7158e0c2fb23e8ff2c9b7d8b2a32b38a
Size: 728KB
Sample: 220724-sxahnshbbk
MD5: 95e1defac9e01e6e792cb794dadc16de
SHA1: fb8482ed7e894743d34262299e0612b7b92c3159
SHA256: def23945edd5c886e15be93a90595e1c7158e0c2fb23e8ff2c9b7d8b2a32b38a
SHA512: bb4fd1f416da77ee51770c4cce9778652b1b7411f5d72af22b991842abb8cf5ba156c92263e55948c9ab92449602f9dc616792e1b8bce2a215948d6c8bf49965
Static task: static1
Behavioral task: behavioral1
Sample: def23945edd5c886e15be93a90595e1c7158e0c2fb23e8ff2c9b7d8b2a32b38a.exe
Resource: win7-20220718-en
Malware Config
Targets
Target: def23945edd5c886e15be93a90595e1c7158e0c2fb23e8ff2c9b7d8b2a32b38a
Trickbot x86 loader: Detected Trickbot's x86 loader that unpacks the x86 payload.
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL