bazarbackdoor | 0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6 | Triage

Submit
Reports

Overview

overview

Static

static

0d8aeacf4e...c6.exe

windows7_x64

0d8aeacf4e...c6.exe

windows10-2004_x64

4

Sharing

General

Target

0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6
Size

144KB
Sample

220219-j7cw4sagep
MD5

01440a3c0c44b76462a96d67626720fe
SHA1

c7ca55d99712d4aaf775815bc03aed8bc71cd966
SHA256

0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6
SHA512

2f2996d48fa19ca2f2fc928f651d5f6742622b6fa8d0caba6136b2f9a26f93d0ec7f1fd5ac1644ff9439e33b10fe9fa4d29cbac2a255f9c236876d25a9ea35c6

Score

10^/10

bazarbackdoor backdoor

Static task

static1

Behavioral task

behavioral1

Sample

0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6.exe

Resource

win7-en-20211208

bazarbackdoor backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6
- Size
  
  144KB
- MD5
  
  01440a3c0c44b76462a96d67626720fe
- SHA1
  
  c7ca55d99712d4aaf775815bc03aed8bc71cd966
- SHA256
  
  0d8aeacf4ebf227ba7412f8f057a8cddc54021846092b635c8d674b2e28052c6
- SHA512
  
  2f2996d48fa19ca2f2fc928f651d5f6742622b6fa8d0caba6136b2f9a26f93d0ec7f1fd5ac1644ff9439e33b10fe9fa4d29cbac2a255f9c236876d25a9ea35c6
Score

10^/10

bazarbackdoor backdoor
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarbackdoorbackdoor

behavioral2

© 2018-2024

Terms | Privacy