malware_traffic

2019-02-04 - Trickbot EXEs as .png from 185.68.93[.]30

Feb 4th, 2019
2019-02-04 - TRICKBOT EXECUTABLE FILES SENT AS .PNG URLS FROM 185.68.93[.]30

- SHA256 hash: fda18e335ff9413e38e16df1838ea4a4c361223af708441d7127dbbc753fd8f7
- File size: 446,464 bytes
- File name: radiance.png
- File description: Trickbot EXE - gtag: tot407
- Any.Run analysis: https://app.any.run/tasks/412f2284-aa39-4c88-bf18-4eee5e63eb17
- CAPE sandbox analysis: https://cape.contextis.com/analysis/34928/
- Reverse.it analysis: https://www.reverse.it/sample/fda18e335ff9413e38e16df1838ea4a4c361223af708441d7127dbbc753fd8f7

- SHA256 hash: 4888b5a0e84e595534a0a6a49ba60ecdc506c32ddfe9a270db9a8da5ca19360c
- File size: 446,464 bytes
- File name: table.png
- File description: Trickbot EXE - gtag: lib407
- Any.Run analysis: https://app.any.run/tasks/f2c8a126-6e1b-4f1f-9f92-e9ad7a47742e
- CAPE sandbox analysis: https://cape.contextis.com/analysis/34930/
- Reverse.it analysis: https://www.reverse.it/sample/4888b5a0e84e595534a0a6a49ba60ecdc506c32ddfe9a270db9a8da5ca19360c

- SHA256 hash: 60e71dd484194c212c43b7aef55b354e05ec30e299f47d7917922b660feb5df5
- File size: 446,464 bytes
- File name: worming.png
- File description: Trickbot EXE - gtag: jim407
- Any.Run analysis: https://app.any.run/tasks/543fc5b1-6d21-4fd0-8d5e-1e5cd3db3587
- CAPE sandbox analysis: https://cape.contextis.com/analysis/34931/
- Reverse.it analysis: https://www.reverse.it/sample/60e71dd484194c212c43b7aef55b354e05ec30e299f47d7917922b660feb5df5

NOTE: toler.png is also available from 185.68.93[.]30, but it's still an old file from September 2018.

- SHA256 hash: b188ac573ace0648594b9abb1e04093f723992667c4fb369b162012a359b0599
- File size: 336,896 bytes
- File name: toler.png
- File description: Trickbot EXE - gtag: tot302