General
Target
b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
Size
226KB
Sample
220220-dqc8nagbb8
MD5
3fe91dbbcf0962895f768da6e40853ee
SHA1
15d070be7838e73a3862d267cb9aff0f0b77b715
SHA256
b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
SHA512
6fb428385e9d5332279c85023fe5db6e9a029647fb198ef289487b2999466a9643222394f1a38cc692b36d89481f30dfb64b861bb767e390f01c9fd71854402c
Static task
static1
Behavioral task
behavioral1
Sample
b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
Score
10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.