Analysis
max time kernel: 146s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20220721-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220721-en, locale:en-us, os:windows10-2004-x64, system
submitted: 31-07-2022 04:57
Static task: static1
Behavioral task: behavioral1
Sample: 6e1ef7c3b4a23c315aecda8bf42c9b66ae1dbe30bb9ef090218ca04bdfe0ff36.exe
Resource: win7-20220718-en, windows7-x64
2 signatures, 150 seconds
General
Target: 6e1ef7c3b4a23c315aecda8bf42c9b66ae1dbe30bb9ef090218ca04bdfe0ff36.exe
Size: 300KB
MD5: 639f6e849afdc63d6d94b9a60ff89625
SHA1: ef63247906ec06065effbfeb822ca90b5b26ae9e
SHA256: 6e1ef7c3b4a23c315aecda8bf42c9b66ae1dbe30bb9ef090218ca04bdfe0ff36
SHA512: 7630932c7d5f7a554e83b741e2120f29453ffe4f66fadbfc3e4c134c5eb6020b10fdf08bde8a92e958446417f682f3c504c03e3193ba6170308454e2e67d53e4
Malware Config
Signatures
Trickbot x86 loader (3 IoCs)
Detected Trickbot's x86 loader that unpacks the x86 payload.
Processes:
resource    yara_rule
behavioral2/memory/3508-130-0x0000000000650000-0x0000000000659000-memory.dmp    trickbot_loader32
behavioral2/memory/3508-132-0x0000000000640000-0x0000000000647000-memory.dmp    trickbot_loader32
behavioral2/memory/3508-133-0x0000000000651000-0x0000000000658000-memory.dmp    trickbot_loader32