General
-
Target
eb0311c06ad67251b11b8a69d4508c0851e900cbcda30aeeb87e14daef921396
-
Size
389KB
-
Sample
240417-qcs36sgf54
-
MD5
3ad2f74eb72773512a754e219192421a
-
SHA1
821be62ba47021b05b188ced24ab19056662c470
-
SHA256
eb0311c06ad67251b11b8a69d4508c0851e900cbcda30aeeb87e14daef921396
-
SHA512
e1a04f2fb261dbc1e330e6ff0ca6d0f33633b7e952606294b7143db4f47d90b38575e0e279f22bd7d4b7636f6b68483d13a5b00a7a87e61bdf678bf92401d46b
-
SSDEEP
6144:NiRX9SX7Ah7kAhsq9whuJJhAeWvJnTqd8bpcyfNSQplwFIbc6gqmWfiwmlb/tz:NEXAX0bCIwmhAeWfNnpCFYlAMiwmZFz
Static task
static1
Behavioral task
behavioral1
Sample
9fdea40a9872a77335ae3b733a50f4d1e9f8eff193ae84e36fb7e5802c481f72.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
9fdea40a9872a77335ae3b733a50f4d1e9f8eff193ae84e36fb7e5802c481f72.exe
-
Size
550KB
-
MD5
0b375e6b7e44d7c8488c4227e9344197
-
SHA1
dd8753066efc055dea693f44627fd69c988dfc65
-
SHA256
9fdea40a9872a77335ae3b733a50f4d1e9f8eff193ae84e36fb7e5802c481f72
-
SHA512
1c0bab939e6c34b3b51853051a8b5e72ac47a896579dc705679293795461c5aa0e62bb2ff63deeabfbb5106732620506124ca208dd5978b72650a645eb23eca7
-
SSDEEP
12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYy7C62Vvyh7:ZXQUIsQpMsequrmGyiqh7
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-