Overview

overview

10

Static

static

Document-Annual.exe

windows7_x64

10

Document-Annual.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Document-Annual.exe

  • Size

    505KB

  • Sample

    201026-35qc6f9f16

  • MD5

    e8ee3fc019e9b1427560e78bfb365bb8

  • SHA1

    783d746beb89914f633d97ff370691767ecd4a24

  • SHA256

    003d4f4a8020c7e8dfeb299fdd859c9d6323bc4cee81ec0e0c9e52d9dd1a99ef

  • SHA512

    5611bcd04d0d0f50439d226c701709983312a0460183a4b37dd3621a0bd1a1603dfe27201a8098fe27923c80e93296ff7a624b91cf035a2afa7006bbee8b798a

Score
10/10
bazarbackdoorbackdoor

Malware Config

Targets

    • Target

      Document-Annual.exe

    • Size

      505KB

    • MD5

      e8ee3fc019e9b1427560e78bfb365bb8

    • SHA1

      783d746beb89914f633d97ff370691767ecd4a24

    • SHA256

      003d4f4a8020c7e8dfeb299fdd859c9d6323bc4cee81ec0e0c9e52d9dd1a99ef

    • SHA512

      5611bcd04d0d0f50439d226c701709983312a0460183a4b37dd3621a0bd1a1603dfe27201a8098fe27923c80e93296ff7a624b91cf035a2afa7006bbee8b798a

    Score
    10/10
    backdoorbazarbackdoor

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

      backdoorbazarbackdoor

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks