Analysis

  • max time kernel
    145s
  • max time network
    116s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    16-07-2020 16:26

General

  • Target

    55d95d9486d77df6ac79bb25eb8b8778940bac27021249f779198e05a2e1edae.exe

  • Size

    813KB

  • MD5

    dfcf5342f034605cda27d08ce3706d0f

  • SHA1

    d7b744fd876bc7434cab8f72df66d1bc9c7fcd1a

  • SHA256

    55d95d9486d77df6ac79bb25eb8b8778940bac27021249f779198e05a2e1edae

  • SHA512

    df597e3e87138fb585d9ae370a590b96c45bb581899879d5a583efc069656fce3aec2d2687dbd58eb08849de7defc9de0aa7029d78c84aa963b52587187c6008

Score
10/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs
  • BazarBackdoor

    Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

Processes

  • C:\Users\Admin\AppData\Local\Temp\55d95d9486d77df6ac79bb25eb8b8778940bac27021249f779198e05a2e1edae.exe
    "C:\Users\Admin\AppData\Local\Temp\55d95d9486d77df6ac79bb25eb8b8778940bac27021249f779198e05a2e1edae.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1500

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1500-0-0x0000000000470000-0x000000000049E000-memory.dmp

    Filesize

    184KB