General
Target: Document-Annual.exe
Size: 505KB
Sample: 201026-35qc6f9f16
MD5: e8ee3fc019e9b1427560e78bfb365bb8
SHA1: 783d746beb89914f633d97ff370691767ecd4a24
SHA256: 003d4f4a8020c7e8dfeb299fdd859c9d6323bc4cee81ec0e0c9e52d9dd1a99ef
SHA512: 5611bcd04d0d0f50439d226c701709983312a0460183a4b37dd3621a0bd1a1603dfe27201a8098fe27923c80e93296ff7a624b91cf035a2afa7006bbee8b798a
Static task: static1
Behavioral task: behavioral1
Sample: Document-Annual.exe
Resource: win7
Behavioral task: behavioral2
Sample: Document-Annual.exe
Resource: win10
Malware Config
Targets
Target: Document-Annual.exe
Score: 10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Blacklisted process makes network request
Suspicious use of SetThreadContext