General
Target: Document-26-10.exe
Size: 500KB
Sample: 201026-lnjr8cp3kj
MD5: f67b4f600c31ed5cc60ac7afda14233a
SHA1: 579dccf341148d7fd7285c777e3b35d4f5dd8f0d
SHA256: d41c191058675d5e5280c63aaa04e8eee80401d6887205c47f26723e1de9decb
SHA512: 4ade95dfc60e7494bdee338b0d59d254b83fde404041a73843e09e54e2cc9bb8712e900029152c829a2ea55b86bb09f630d00372c70f68a7ca41aded92401652
Static task: static1
Behavioral task: behavioral1 (Sample: Document-26-10.exe, Resource: win7)
Behavioral task: behavioral2 (Sample: Document-26-10.exe, Resource: win10)
Malware Config
Targets
Target: Document-26-10.exe
Score: 10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
- Bazar/Team9 Loader payload
- Blocklisted process makes network request
- Suspicious use of SetThreadContext