General

  • Target

    Report13-10.exe

  • Size

    5.0MB

  • Sample

    201013-bya3742w36

  • MD5

    db396d87a2fa4452f3f350e7d96e28aa

  • SHA1

    5b47d77058da6c2c7eb724232f123698ab4de4a2

  • SHA256

    0749bf91a4fb4a8d74096ea4d202e07f3dc72feb693008b1d0b1ee68c3f80281

  • SHA512

    7e89fe3b1e2d7e36e7a03461c4994f314aeaa6ba7cf050c373d5b28852b6c85db6ab116aae0d978c744e90846a28ac7e8838dd5bc44a97299da84d9e1e7bccd0

Score
10/10

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext
