General
Target
20600d884b5e7d9d8f040ffb88a9ec4248e10dde4d9d49a559f80484e1e1b309
Size
391KB
Sample
201011-zldvag1fa2
MD5
1e45d2c90541608526cbce3ea399af74
SHA1
d3ca2ad3d6cf4c97f9922391d7a8830da3d51b2f
SHA256
20600d884b5e7d9d8f040ffb88a9ec4248e10dde4d9d49a559f80484e1e1b309
SHA512
ee4aa6274f547d3f2e672a3fe0438a48b284824b6fad4d19cbaec51e78bb34111da40a392118b12e4ef93db18e73b8d4950f3e98f1ef9084af19bb423fe52323
Static task
static1
Behavioral task
behavioral1
Sample
20600d884b5e7d9d8f040ffb88a9ec4248e10dde4d9d49a559f80484e1e1b309.exe
Resource
win7v200722
Behavioral task
behavioral2
Sample
20600d884b5e7d9d8f040ffb88a9ec4248e10dde4d9d49a559f80484e1e1b309.exe
Resource
win10
Malware Config
Targets
Target
20600d884b5e7d9d8f040ffb88a9ec4248e10dde4d9d49a559f80484e1e1b309
Score
10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Blacklisted process makes network request
Suspicious use of SetThreadContext