Analysis of latest Trickbot malware sample - served in excel attachment
The malware sample of trickbot was already submitted in the anyrun online sandbox for malware analysis.
We collected this malware sample and performed a manual analysis. The file details are:
Searched this hash in the VirusTotal for detection hits:
File name: Unpaid_invoice_1462.xls
File size: 109.5 KB
This excel embedded with a macro that connects to a suspicious URL. We executed the malware in our VM, it prompts to enable the macro. After enabling, it to try to connect the following Link:
Currently, it didn’t download any other payloads.
Post made by