General

  • Target

    f83a815ce0457b50321706957c23ce8875318cfe5a6f983a0d0c580ebe359295

  • Size

    173KB

  • Sample

    220220-agb3fsfffr

  • MD5

    fa743c66268dea043d8068a5c96b4c43

  • SHA1

    3867303b21bf5102c7d66d492f082dc9fbc67544

  • SHA256

    f83a815ce0457b50321706957c23ce8875318cfe5a6f983a0d0c580ebe359295

  • SHA512

    3b243ba27abc5a11dd2438cf8e3c16f333dc87bb6265c9801265fecab17f348c476045715c7ed1a5cf7bceaff20168147331197208df262b3ec518943eeda301

Score
10/10

Targets

    • Target

      f83a815ce0457b50321706957c23ce8875318cfe5a6f983a0d0c580ebe359295

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • Tries to connect to .bazar domain

      Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
