General
-
Target
607df3ac22bbc7138da3940ef84479261fdac6165b28c5e432236407984bb8a2
-
Size
364KB
-
Sample
220731-eymyhahbaj
-
MD5
96d102e321babe5c8e8a3f5dcb581d54
-
SHA1
a74c5b047344f3c8c77d02a349121923376f7800
-
SHA256
607df3ac22bbc7138da3940ef84479261fdac6165b28c5e432236407984bb8a2
-
SHA512
79cb0f66f944c0959552167ade06f8468e4b66f31481fe2ea387e287a2fb3d3e4cf001ec664341d50cb1c69d46b48f128d5c35a17472ff876f77d3b7fde563fc
Malware Config
Extracted
trickbot
1000108
mac1
61.6.30.223:449
200.111.97.235:449
194.87.103.83:443
92.53.91.113:443
95.213.195.221:443
194.87.238.4:443
194.87.98.166:443
194.87.144.222:443
92.53.91.109:443
95.213.236.54:443
92.53.91.128:443
95.213.236.187:443
194.87.238.84:443
62.109.31.193:443
37.230.115.129:443
37.230.115.138:443
37.230.115.133:443
37.230.115.171:443
94.250.250.110:443
78.140.220.76:443
-
autorunControl:GetSystemInfoName:systeminfoName:injectDll
Targets
-
-
Target
607df3ac22bbc7138da3940ef84479261fdac6165b28c5e432236407984bb8a2
-
Size
364KB
-
MD5
96d102e321babe5c8e8a3f5dcb581d54
-
SHA1
a74c5b047344f3c8c77d02a349121923376f7800
-
SHA256
607df3ac22bbc7138da3940ef84479261fdac6165b28c5e432236407984bb8a2
-
SHA512
79cb0f66f944c0959552167ade06f8468e4b66f31481fe2ea387e287a2fb3d3e4cf001ec664341d50cb1c69d46b48f128d5c35a17472ff876f77d3b7fde563fc
Score10/10-
Trickbot
Developed in 2016, TrickBot is one of the more recent banking Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-