General

  • Target

    b3b1fcf37cf99753b52ef02bbb8e22352190d2489e5ae926df5d2b43a740fc24

  • Size

    391KB

  • Sample

    201011-dh3skrzm52

  • MD5

    d3f095b8af36979dbbbb0fba0c69497b

  • SHA1

    ae399f00b624ac94ccf0acec1c01ce4f7e9512c3

  • SHA256

    b3b1fcf37cf99753b52ef02bbb8e22352190d2489e5ae926df5d2b43a740fc24

  • SHA512

    474fdbd8b740f7b0edb5d12f63b68f2e8036df4b35b6262dfb31830ec658fac9cf4e21e79e513c40983f2099b75ed8ba1ad68ef6db7be65a5b05647c73b79897

Score
10/10

Malware Config

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
