General
Target: d0cc346706bfebc9882fa24199177320c076d02bf844a400a50600437836377b
Size: 492KB
Sample: 220731-f94wtscbbq
MD5: 3f1b28c0955bf9d8854a7a0887ba8785
SHA1: 29d602d28f21760a38e46f7d2f9a1f08d3dea092
SHA256: d0cc346706bfebc9882fa24199177320c076d02bf844a400a50600437836377b
SHA512: c46941e6578d06a7a5760847022b04414ca3d07af629957e12ebbd892b3f60bc1b86fb93c038ba3172f1c233edd99f18586e477a5f983cfd55ee6000cd0771ec
Static task: static1
Behavioral task: behavioral1
Sample: d0cc346706bfebc9882fa24199177320c076d02bf844a400a50600437836377b.exe
Resource: win7-20220715-en
Malware Config
Targets
Target
d0cc346706bfebc9882fa24199177320c076d02bf844a400a50600437836377b
Trickbot x86 loader: Detected Trickbot's x86 loader that unpacks the x86 payload.
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL