General

  • Target

    ca8aae34beefb29525e8d94c02e00e6f

  • Size

    11KB

  • Sample

    231228-gxrleafhh4

  • MD5

    ca8aae34beefb29525e8d94c02e00e6f

  • SHA1

    aaddb87c71e8b39c2635887338614cf055ef6005

  • SHA256

    92c51c585672df9fc62a716c9e9e13bd1c5cea22bf0803a98442102af8a9eeea

  • SHA512

    1383d6a5deafa68666a932250954810fd069ae862cbf2a9fdea6022d32b7bc5a9b381ab8b4734b32c5f5edd753e1a641938e269a58b0c9635d7277b64cd7ce64

  • SSDEEP

    192:bf0bT5u+V0G5j18okX/m5gpEwil94rmuvelyz0w8gxVNa:bMf5u+1jqXPEwq9462Mjw8gLN

Score
10/10

Malware Config

Extracted

  • Family

    nworm

  • Version

    v0.3.8

  • C2

    publicvm.camdvr.org:1933

  • Mutex

    9c719311

Targets

    • NWorm

      A TrickBot module used to propagate to vulnerable domain controllers.
