General

  • Target

    Text_Report.exe

  • Size

    4.8MB

  • Sample

    201013-81vdzd42sn

  • MD5

    c2f2a2ed5aad010ac29777a075c9f75f

  • SHA1

    8ef1fa0ec74740e668a7ebc927f7c93772e46029

  • SHA256

    a8a5aa848cf8b1db1ca8b5ff827cb448d7bc34087369e6cbb621d6b9eadc4513

  • SHA512

    3e7f933790bb88e52d2537cbb7485e967dd789065644b24be947998228d5fac23fdb0111e4283e9179eb4a22830161159af5cd5bcb0e29d106e9b9d5bc2eb466

Score
10/10

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext
