Analysis
max time kernel
149s
max time network
149s
platform
windows10_x64
resource
win10v20201028
submitted
08-11-2020 14:32
Static task
static1
Behavioral task
behavioral1
Sample
c95fddc008d5feeaca3411f9d83319f26ea17481775855b3d82d5cd2552f653b.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
c95fddc008d5feeaca3411f9d83319f26ea17481775855b3d82d5cd2552f653b.exe
Resource
win10v20201028
General
Target
c95fddc008d5feeaca3411f9d83319f26ea17481775855b3d82d5cd2552f653b.exe
Size
49KB
MD5
e07f7b9277b9a5e224abc3c3160ea91e
SHA1
7ddc8ff013fa4fa49aa463c0001213bcd9c86a43
SHA256
c95fddc008d5feeaca3411f9d83319f26ea17481775855b3d82d5cd2552f653b
SHA512
bb779ebfc354ec803a2ea33efde29317c5dd1f2728371a383bdf574a38740e49185c9ed4f83600ec9d9a5da684e059159a9d0c2738e3062b04c6513e73c88b7d
Malware Config
Signatures
BazarBackdoor 2 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description	flow	ioc
HTTP URL	20	https://185.180.198.99/0145982651951962705622347565991739006783/2
HTTP URL	24	https://45.148.120.173/0145982651951962705622347565991739006783/2