bazarbackdoor | 170eece90b9c381a1a680c7bbf1ce1719e7ad094404d7dd4331bce6b808eb29b | Triage

Submit
Reports

Overview

overview

Static

static

Default

windows10_x64

Sharing

General

Target

Rep-Termination.exe
Size

505KB
Sample

201026-g34ywsv7gj
MD5

be59c51ab0b8196e58c77130fe6ad05c
SHA1

76ddd130f6856cbeef295683a6f527547875e7a2
SHA256

170eece90b9c381a1a680c7bbf1ce1719e7ad094404d7dd4331bce6b808eb29b
SHA512

46a36ef91da2b64cf939765784b6c7c3d387ef013f02407bb0b4bc9131e32619507148031ba75c7c7902fd86c45a9a025a53feddeb054f508acb6986ab42507e

Score

10^/10

bazarbackdoor backdoor

Static task

static1

Behavioral task

behavioral1

Sample

Rep-Termination.exe

Resource

win10

backdoor bazarbackdoor

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Rep-Termination.exe
- Size
  
  505KB
- MD5
  
  be59c51ab0b8196e58c77130fe6ad05c
- SHA1
  
  76ddd130f6856cbeef295683a6f527547875e7a2
- SHA256
  
  170eece90b9c381a1a680c7bbf1ce1719e7ad094404d7dd4331bce6b808eb29b
- SHA512
  
  46a36ef91da2b64cf939765784b6c7c3d387ef013f02407bb0b4bc9131e32619507148031ba75c7c7902fd86c45a9a025a53feddeb054f508acb6986ab42507e
Score

10^/10

backdoor bazarbackdoor
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Blacklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

backdoorbazarbackdoor

© 2018-2024

Terms | Privacy