General

  • Target

    abd27e2a444507435b20c67464936014

  • Size

    21KB

  • Sample

    231227-k5rsxshdap

  • MD5

    abd27e2a444507435b20c67464936014

  • SHA1

    2b9daae5133ce4b4757b1a0a9a7d5b52d0f6611e

  • SHA256

    5fabb2bb7a4b5d30e340ee071663d9e221bc6ba3328cf13368996051c9d67721

  • SHA512

    4555dbf2c9066d0bbed9f72bf9ac56ffbe409839669d5be38efe436bb32dc760f17d57c455ff74b394f7aefabd8872a9e52c036e1005e4447d0d5e7beb0a6750

  • SSDEEP

    384:Iv4dxX5EOddFNuYd79l+JUUo+BoUy5i8Y/TIC/TaQ:IgTeOddFkYd79cJUUo+qRDYrPuQ

Score
10/10

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

publicvm.camdvr.org:1933

Mutex

9c719311

Targets

    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.
