Analysis
max time kernel: 135s
max time network: 146s
platform: windows7_x64
resource: win7v20201028
submitted: 10-11-2020 11:00
Static task: static1
Behavioral task: behavioral1
  Sample: 982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: 982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe
  Resource: win10v20201028
General
Target: 982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b.exe
Size: 170KB
MD5: 86a72c13978c9d9fe050d001e873fa4c
SHA1: 58927384fbe7e19db6ac766fc5d8649fc2f8ae43
SHA256: 982678f901df2dac6f86d7acbad528bce7326c842332fad281ef87ff08692d3b
SHA512: ab4fdc79421df2aea14c621a83810695e6448e6f35bb92fb339046e3e20d878d0081bc128688151b7633f1d979b677d430ec5a1228864687a68a37afa89f0323
Malware Config
Signatures
BazarBackdoor 3 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description   flow   ioc
HTTP URL      7      https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2
HTTP URL      8      https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2
HTTP URL      9      https://45.148.120.173/2b5b1b7853b83412e5d8ae522cec669b/2