Analysis
max time kernel: 133s
max time network: 143s
platform: windows7_x64
resource: win7v20201028
submitted: 14-11-2020 17:56
Static task: static1

Behavioral task: behavioral1
Sample: 3d95f3c7593fbd2ec871df09b32358bfbb7c524622beb5caa37d80e6a8d1f42b.exe
Resource: win7v20201028

Behavioral task: behavioral2
Sample: 3d95f3c7593fbd2ec871df09b32358bfbb7c524622beb5caa37d80e6a8d1f42b.exe
Resource: win10v20201028
General
Target: 3d95f3c7593fbd2ec871df09b32358bfbb7c524622beb5caa37d80e6a8d1f42b.exe
Size: 243KB
MD5: 31bd4a09f38d46045b1499e91366593a
SHA1: 9facaa27daed9e7974963cb98638008c6b1d9c70
SHA256: 3d95f3c7593fbd2ec871df09b32358bfbb7c524622beb5caa37d80e6a8d1f42b
SHA512: a6b5c7d4509c81dc8231fb9476789b3d956dc93936f826ee852897fe71c7e438dccdffdd08e79161c4147918241f9518dc6b335d2ce3044ac8b956dabb31b7d9
Malware Config
Signatures
BazarBackdoor (1 IoCs)
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Processes:
description: HTTP URL
flow: 9
ioc: https://45.148.120.173/72c5e676b29f5ec54d226eb16133c4da/4
Downloads
memory/1172-0-0x000007FEF7C10000-0x000007FEF7E8A000-memory.dmp
Filesize: 2.5MB