General
Target: Preview_Annual.exe
Size: 724KB
Sample: 201102-ewvefykja2
MD5: d26dfb467faddf31b3363a3f28451895
SHA1: 9528b250b858c62cbdfe84a9624be95500b11412
SHA256: e46a14fd50cc6423ccaaeae41728f15d0d951dc05cc5feb86221490c83210651
SHA512: 092c32bfad907c8edc39cc82cd13d8ef30aecbf299ddd881158c57a05076c72a2b5fa96ec3075073c54859f3614ee68556df1bfca1e895dcc0067d81a38bec77
Static task: static1
Behavioral task: behavioral1
Sample: Preview_Annual.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Preview_Annual.exe
Resource: win10v20201028
Malware Config
Targets
Target: Preview_Annual.exe
Score: 10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Blacklisted process makes network request
Suspicious use of SetThreadContext