Analysis
max time kernel: 131s
max time network: 139s
platform: windows7_x64
resource: win7v20201028
submitted: 14-11-2020 18:12
Static task: static1
Behavioral task: behavioral1
Sample: 64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe
Resource: win10v20201028
General
Target: 64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e.exe
Size: 49KB
MD5: 0a2aa67503acf19eac03d5a2dd9a3ec6
SHA1: 01201c69910cc3ff8423b610eb22e829091c8238
SHA256: 64a6a8939b76e2cf66d9bcdf0282a6095cb78713f8f0b3597c3fcd917f27aa4e
SHA512: d2fc65db4c65130f0c0b2a3102d3d35cf0dc904ad93a4ac3cfa2e373132a916ec1f576c6a61d4cb1591c0648c3d3729333c298790b8ed6f477452c01a9d82897
Malware Config
Signatures
BazarBackdoor 1 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description: HTTP URL
flow: 12
ioc: https://45.148.120.173/0119123668850797652500747914470946493774/2