doubleback | 73737bf28fa00ea1380bf98a76f6c2ff34bf25e8b489750acccc45df8e898022 | Triage

Submit
Reports

Overview

overview

Static

static

work.ps1

windows7_x64

work.ps1

windows10_x64

8

Sharing

General

Target

work.ps1
Size

1.4MB
Sample

210825-wzts68d5gn
MD5

7ba4b5c5d3e3276a3cfe8d581cf7173b
SHA1

79ba87b46562e75f097c1b6d23d3b63b9160bbaa
SHA256

73737bf28fa00ea1380bf98a76f6c2ff34bf25e8b489750acccc45df8e898022
SHA512

ccccc4402edc1c333f2b11955b4c2850f5b68674e473d57521cb009e2047a46f9c57c0151b9191d4a2e3b10931723d0191bba9b299ffb3bb293ff7d6f83598c6

Score

10^/10

doubleback backdoor

Static task

static1

Behavioral task

behavioral1

Sample

work.ps1

Resource

win7v20210410

doubleback backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

work.ps1

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  work.ps1
- Size
  
  1.4MB
- MD5
  
  7ba4b5c5d3e3276a3cfe8d581cf7173b
- SHA1
  
  79ba87b46562e75f097c1b6d23d3b63b9160bbaa
- SHA256
  
  73737bf28fa00ea1380bf98a76f6c2ff34bf25e8b489750acccc45df8e898022
- SHA512
  
  ccccc4402edc1c333f2b11955b4c2850f5b68674e473d57521cb009e2047a46f9c57c0151b9191d4a2e3b10931723d0191bba9b299ffb3bb293ff7d6f83598c6
Score

10^/10

doubleback backdoor
- DoubleBack
  DoubleBack is a modular backdoor first seen in December 2020.
  backdoor doubleback
- DoubleBack x64 Payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

doublebackbackdoor

behavioral2

© 2018-2024

Terms | Privacy