Analysis
max time kernel: 149s
max time network: 149s
platform: windows10_x64
resource: win10v20201028
submitted: 10-11-2020 11:28
Static task: static1
Behavioral task: behavioral1
Sample: 7a0570c7fd958bc0ffe680401c282ab2d40801f353325b7bb9aa1b58b6cc6670.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 7a0570c7fd958bc0ffe680401c282ab2d40801f353325b7bb9aa1b58b6cc6670.exe
Resource: win10v20201028
General
Target: 7a0570c7fd958bc0ffe680401c282ab2d40801f353325b7bb9aa1b58b6cc6670.exe
Size: 49KB
MD5: 31fdbc16656a49d5c7ab8382649ca99f
SHA1: e6515436b3d173b2f6af2e8dcb696b3b43cc249e
SHA256: 7a0570c7fd958bc0ffe680401c282ab2d40801f353325b7bb9aa1b58b6cc6670
SHA512: e2d4c4b9d4b5d69338e1e10b4404a412d813a5e48e89e9d14120e953227a9c33d3f76192a7e684beb0db6f4ac5b93ce4ee563bb25172b5af349a6380fa60ef44
Malware Config
Signatures
BazarBackdoor (2 IoCs)
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description | flow | ioc
HTTP URL | 22 | https://185.180.198.99/0145982651951962705622347565991739006783/2
HTTP URL | 26 | https://45.148.120.173/0145982651951962705622347565991739006783/2