General
Target: Text_Report.exe
Size: 4.8MB
Sample: 201013-81vdzd42sn
MD5: c2f2a2ed5aad010ac29777a075c9f75f
SHA1: 8ef1fa0ec74740e668a7ebc927f7c93772e46029
SHA256: a8a5aa848cf8b1db1ca8b5ff827cb448d7bc34087369e6cbb621d6b9eadc4513
SHA512: 3e7f933790bb88e52d2537cbb7485e967dd789065644b24be947998228d5fac23fdb0111e4283e9179eb4a22830161159af5cd5bcb0e29d106e9b9d5bc2eb466
Static task: static1
Behavioral task: behavioral1
Sample: Text_Report.exe
Resource: win7
Behavioral task: behavioral2
Sample: Text_Report.exe
Resource: win7v200722
Malware Config
Targets
Target: Text_Report.exe
Score: 10/10
BazarBackdoor: Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Blacklisted process makes network request
Suspicious use of SetThreadContext