Analysis
max time kernel: 134s
max time network: 144s
platform: windows7_x64
resource: win7v20201028
submitted: 14-11-2020 18:08
Static task: static1
Behavioral task: behavioral1
Sample: 1e0f0349d312393bee045538542709b0186c3bee16c1dae91b01f46f4b3b2e57.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 1e0f0349d312393bee045538542709b0186c3bee16c1dae91b01f46f4b3b2e57.exe
Resource: win10v20201028
General
Target: 1e0f0349d312393bee045538542709b0186c3bee16c1dae91b01f46f4b3b2e57.exe
Size: 243KB
MD5: a01724a2fe6b05ddaf48847614d2a0a5
SHA1: c72ce454ff58e06e82393924fc1f382688020b76
SHA256: 1e0f0349d312393bee045538542709b0186c3bee16c1dae91b01f46f4b3b2e57
SHA512: 076a4da695ff848298438ee97f4911e99d4366b0a728d6a9283473eb2ca4d1aa659f6b19206a95cce0613f97874e3bda3bc62089e4a583f8ad672437aa17b823
Malware Config
Signatures
BazarBackdoor: 1 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description: HTTP URL
flow: 10
ioc: https://45.148.120.173/852b57d84ba48302555ce2a35a1277ce/4
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1800-0-0x000007FEF7D30000-0x000007FEF7FAA000-memory.dmp
Filesize: 2.5MB