General

  • Target

    9f366947f3ade64c99643cd6327b7bd6332e611e86205083fbcbac79286d6084

  • Size

    156KB

  • Sample

    201013-d3j23zww2x

  • MD5

    7c59f2d9b3951009fd996245243a8db7

  • SHA1

    fc7a284c95f12ed716f239056bae42147a99086c

  • SHA256

    9f366947f3ade64c99643cd6327b7bd6332e611e86205083fbcbac79286d6084

  • SHA512

    7139762f71756a19388ba3009cdad4b64ad296a65b0b3a2a7b4da88e9d92e9b561ad8507cf4eb6e04e4cae150f5f8abe0a88250da203f0d6161e8ce9f1ec2172

Score
10/10

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext
