General

  • Target

    1 (25)

  • Size

    2.7MB

  • Sample

    201016-qsmbn3sctn

  • MD5

    c84808d7e174d4deb409b703bc8f9d31

  • SHA1

    97ae8010a42389871779da74a8dde16d588eb66f

  • SHA256

    44902d182cac03209a910da941fb337517ee0411193b1d24ebf0e9a88f3f7982

  • SHA512

    b277a5a298e15d43c35d8a398807b342d2392d562e9496fdb10a7f575fc5509bfc0e3a67f4ca670826d6fe9004c3aa36554ea73d1073b40a82ee30ea97538a09

  • Score

    10/10

Malware Config

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks