General

  • Target

    8f62ed60962df60d1d11c6e2a97a3a6e.exe

  • Size

    671KB

  • Sample

    201104-k883ft2bb2

  • MD5

    8f62ed60962df60d1d11c6e2a97a3a6e

  • SHA1

    d7a80002dba75d642cd05f094110e147541f2058

  • SHA256

    df25322be14f617652607a150c806b4ecb3a3317564755518b8100063b58a50e

  • SHA512

    3b8b5dcf317eb0a5dd061832fa8bc6eb6b1aa290104423b02c3e9b6cd4a5744c1922010478603b545470f303ee4eb65f17d494a5e222b382cd922a7fd75f7080

Score
10/10

Malware Config

Targets

    • Target

      8f62ed60962df60d1d11c6e2a97a3a6e.exe

    • Size

      671KB

    • MD5

      8f62ed60962df60d1d11c6e2a97a3a6e

    • SHA1

      d7a80002dba75d642cd05f094110e147541f2058

    • SHA256

      df25322be14f617652607a150c806b4ecb3a3317564755518b8100063b58a50e

    • SHA512

      3b8b5dcf317eb0a5dd061832fa8bc6eb6b1aa290104423b02c3e9b6cd4a5744c1922010478603b545470f303ee4eb65f17d494a5e222b382cd922a7fd75f7080

    Score
    10/10
    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Blacklisted process makes network request

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Tasks