bazarbackdoor | 64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e | Triage

Analysis

max time kernel
131s
max time network
139s
platform
windows7_x64
resource
win7v20201028
submitted
14-11-2020 18:12

Sharing

Report Analysis Logs

General

Target

64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe
Size

49KB
MD5

0a2aa67503acf19eac03d5a2dd9a3ec6
SHA1

01201c69910cc3ff8423b610eb22e829091c8238
SHA256

64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e
SHA512

d2fc65db4c65130f0c0b2a3102d3d35cf0dc904ad93a4ac3cfa2e373132a916ec1f576c6a61d4cb1591c0648c3d3729333c298790b8ed6f477452c01a9d82897

Score

10^/10

bazarbackdoor backdoor

Malware Config

Signatures

BazarBackdoor 1 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
backdoor bazarbackdoor

Processes:

description flow ioc

HTTP URL 12 https://45.148.120.173/0119123668850797652500747914470946493774/2

C:\Users\Admin\AppData\Local\Temp\64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe
"C:\Users\Admin\AppData\Local\Temp\64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe"
1⤵
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...