General

  • Target: bad9f0b937bc7a74cd5657127e7d1707ce024ccb5434044ef305dffd4307f29b
  • Size: 1.2MB
  • Sample: 201011-lv6fy2qcyn
  • MD5: 1e30713681e7439b059ea95431be132a
  • SHA1: 65bdde8c108dcafb27b5a5487c6723d52ccc5068
  • SHA256: bad9f0b937bc7a74cd5657127e7d1707ce024ccb5434044ef305dffd4307f29b
  • SHA512: 13845f58c8ac39ff5a68e236f04669df3237afd37e6f93dccd1f767a19cca802f1e0526a69c03dd57552d37904eb1893ed3def7fefc63149bd26ec0de044ae0d

Score: 10/10

Malware Config

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks