General
-
Target
triggerbot.exe
-
Size
35.6MB
-
Sample
240606-sysewafh9s
-
MD5
dda11ea77c1699d7b0d3d54b16c3f858
-
SHA1
fee06beadd08e9185b19a7195077998824b6ce56
-
SHA256
e9b63c452e95823360e286fc6af34491a643128f225050d2f7f2f844488584de
-
SHA512
cbb731e1ec8fd06fe01b77c4ee826444cae65bb95709f5eadbf67f97eca21d5d7719aff8f2c243729a11b51d0901a71c54134941cc11a58c10a7f8b174b0ddef
-
SSDEEP
786432:i1dJsN3IL5B0PQgXAdQuo2j6+s7LWB75zuOOoOduVJfrZk2Q7:gcQgXA42qHWB75i2fVJVkd
Behavioral task
behavioral1
Sample
triggerbot.exe
Resource
win11-20240419-en
Malware Config
Targets
-
Target
triggerbot.exe
-
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-