General

  • Target: 1 (24)
  • Size: 2.7MB
  • Sample: 201016-g9v3vjdqrs
  • MD5: fdfd37674db12790c3221fa61295ddbc
  • SHA1: d369146408d196f178b6cc93ab23a95cc3dba2ca
  • SHA256: 2401f452f6d0f56ae19bead5e3285312eabb9f497897f5ac96b498722b690de0
  • SHA512: 783e9c12746f3dfdef0458ebfdd46dd2fc95de3efa8cb0e2978558c699951f7a72c978d4d948e5ca109610c75081b04c684d7750b7d4198ba2104fb3d6846cc0

Score: 10/10

Malware Config

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks