General
-
Target
JVrLyRD.dat
-
Size
242KB
-
Sample
210824-68px7xses6
-
MD5
12e60d21fd9c8675368635ea5246e393
-
SHA1
60ae64cd005f862797279fb151c9a0433b8e654c
-
SHA256
70c2422033dd395c0a6c15b5e6dbdde34aa65b7481d4b8298e70e0c3e72a2182
-
SHA512
6509c404b274af6250a241b441558d010729da12bbad47dd59c2da5a7480f682ff8c5bfeace9b2bc65db22f212b6399cd74f3f25ae22354db0ca8e06d85ed189
Static task
static1
Behavioral task
behavioral1
Sample
JVrLyRD.dat.dll
Resource
win7v20210410
Behavioral task
behavioral2
Sample
JVrLyRD.dat.dll
Resource
win10v20210408
Malware Config
Targets
-
-
Target
JVrLyRD.dat
-
Size
242KB
-
MD5
12e60d21fd9c8675368635ea5246e393
-
SHA1
60ae64cd005f862797279fb151c9a0433b8e654c
-
SHA256
70c2422033dd395c0a6c15b5e6dbdde34aa65b7481d4b8298e70e0c3e72a2182
-
SHA512
6509c404b274af6250a241b441558d010729da12bbad47dd59c2da5a7480f682ff8c5bfeace9b2bc65db22f212b6399cd74f3f25ae22354db0ca8e06d85ed189
Score10/10-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Bazar/Team9 Backdoor payload
-
Bazar/Team9 Loader payload
-
Suspicious use of SetThreadContext
-