bazarbackdoor | 982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b | Triage

Analysis

max time kernel
135s
max time network
146s
platform
windows7_x64
resource
win7v20201028
submitted
10-11-2020 11:00

Sharing

Report Analysis Logs

General

Target

982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe
Size

170KB
MD5

86a72c13978c9d9fe050d001e873fa4c
SHA1

58927384fbe7e19db6ac766fc5d8649fc2f8ae43
SHA256

982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b
SHA512

ab4fdc79421df2aea14c621a83810695e6448e6f35bb92fb339046e3e20d878d0081bc128688151b7633f1d979b677d430ec5a1228864687a68a37afa89f0323

Score

10^/10

bazarbackdoor backdoor

Malware Config

Signatures

BazarBackdoor 3 IoCs

Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

backdoor bazarbackdoor

Processes:

description	flow	ioc
HTTP URL	7	https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2
HTTP URL	8	https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2
HTTP URL	9	https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2

C:\Users\Admin\AppData\Local\Temp\982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe
"C:\Users\Admin\AppData\Local\Temp\982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe"
1⤵
PID:344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...