bazarbackdoor | b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d | Triage

Submit
Reports

Overview

overview

Static

static

b10dcec77e...7d.exe

windows7_x64

b10dcec77e...7d.exe

windows10-2004_x64

Sharing

General

Target

b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
Size

226KB
Sample

220220-dqc8nagbb8
MD5

3fe91dbbcf0962895f768da6e40853ee
SHA1

15d070be7838e73a3862d267cb9aff0f0b77b715
SHA256

b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
SHA512

6fb428385e9d5332279c85023fe5db6e9a029647fb198ef289487b2999466a9643222394f1a38cc692b36d89481f30dfb64b861bb767e390f01c9fd71854402c

Score

10^/10

bazarbackdoor backdoor

Static task

static1

Behavioral task

behavioral1

Sample

b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d.exe

Resource

win7-en-20211208

bazarbackdoor backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d.exe

Resource

win10v2004-en-20220112

bazarbackdoor backdoor

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
- Size
  
  226KB
- MD5
  
  3fe91dbbcf0962895f768da6e40853ee
- SHA1
  
  15d070be7838e73a3862d267cb9aff0f0b77b715
- SHA256
  
  b10dcec77e00b1f9b1f2e8e327a536987ca84bcb6b0c7327c292f87ed603837d
- SHA512
  
  6fb428385e9d5332279c85023fe5db6e9a029647fb198ef289487b2999466a9643222394f1a38cc692b36d89481f30dfb64b861bb767e390f01c9fd71854402c
Score

10^/10

bazarbackdoor backdoor
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bazarbackdoorbackdoor

behavioral2

bazarbackdoorbackdoor

© 2018-2024

Terms | Privacy