Resubmissions
29-01-2023 17:44  230129-wbbqdshc5z  10

Analysis
max time kernel: 43s
max time network: 46s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 29-01-2023 17:44
Static task: static1
Behavioral task: behavioral1
Sample: 732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe
Resource: win7-20220812-en, windows7-x64
2 signatures
150 seconds
General
Target: 732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7.exe
Size: 329KB
MD5: 27837c212d654407b893ca689aa71ed4
SHA1: ac0ec08c5a132c39a15626bf1f638ee6b545302e
SHA256: 732a688e619a0f755e0da9303135aa3360dca3098e113a758f8fa6505b7705c7
SHA512: ed9601b607fe93ee26e1b4851a420ca5dc7687092199196b349e8ffcfdbfeae30d5762cd63612120620deb83ae92648a95f08e48257620d2787d40f1f772e559
SSDEEP: 6144:6HBGzzdFCJx6fVyYlrXKkKQU5dr/pseozXgWRZB0sP/vUg:D3zZ8YNKaU5NBsemQWTBN
Malware Config
Signatures
Trickbot x86 loader (2 IoCs)
Detected Trickbot's x86 loader that unpacks the x86 payload.
Processes:
resource                                                                   yara_rule
behavioral1/memory/2004-55-0x00000000003C0000-0x00000000003EB000-memory.dmp  trickbot_loader32
behavioral1/memory/2004-56-0x00000000003C0000-0x00000000003EB000-memory.dmp  trickbot_loader32