General

  • Target

    Report13-10.exe

  • Size

    605KB

  • Sample

    201013-r83yzn8zae

  • MD5

    a5120458f05320d306041e37ce72c0c9

  • SHA1

    d1e1329f0b68a75bf47a9b5957f7aa1dff8c11b9

  • SHA256

    cf535eb0782fd0ee4c246fcca439c85b79f5854e80ae1128d6314b7d76fef110

  • SHA512

    dc4fc6feadae1b4fa621d08106ea68e6d7af90e255ee4a70ab164f763a66a2d72c600eeb97b683c2e8f49d8fd13121b5c133ffb5fef6d82e5ba50e5786a78d4e

Score
10/10

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext
