General
Target: 5060233810706432.zip
Size: 398KB
Sample: 201102-8xzgba3b46
MD5: dd736b49114dac8456ee1191f4b7f787
SHA1: cd3e8414639e2d86d788fd436850a3377555945c
SHA256: ff2ce10429e9f417f15599789d02e840ee15b4e59c586e7af2fbda7b79ffdf8b
SHA512: 05a601e5637c7557067862c0d019b0256dc3921760000afebe26a0f10367ce842ae349d3590d9472dda7b406c62188021ff70549db8d5bd41428de82f9f24815
Static task: static1
Behavioral task: behavioral1
Sample: Preview_Annual.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Preview_Annual.exe
Resource: win10v20201028
Malware Config
Targets
Target: Preview_Annual.exe
Size: 724KB
MD5: d26dfb467faddf31b3363a3f28451895
SHA1: 9528b250b858c62cbdfe84a9624be95500b11412
SHA256: e46a14fd50cc6423ccaaeae41728f15d0d951dc05cc5feb86221490c83210651
SHA512: 092c32bfad907c8edc39cc82cd13d8ef30aecbf299ddd881158c57a05076c72a2b5fa96ec3075073c54859f3614ee68556df1bfca1e895dcc0067d81a38bec77
Score: 10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Blacklisted process makes network request
Suspicious use of SetThreadContext