General
-
Target
8f8673e6c6353187dbb460088adc3099c2f35ad868966b257afa1df782e48875
-
Size
173KB
-
Sample
220220-e9qhrshgfk
-
MD5
621ee1cc6f678123775d2dcf73250999
-
SHA1
aad97b814c09b2343aec25acb58e2f2ac6ff0857
-
SHA256
8f8673e6c6353187dbb460088adc3099c2f35ad868966b257afa1df782e48875
-
SHA512
9310b503e13952a0f20ed6f3bb4fc6e97c0afdddb7683c36d3839babe5eceb8bdec4381f261cac47b6448ec168b6593eb71eb78ad5e22825e62dae4f69751fbf
Static task
static1
Behavioral task
behavioral1
Sample
8f8673e6c6353187dbb460088adc3099c2f35ad868966b257afa1df782e48875.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
8f8673e6c6353187dbb460088adc3099c2f35ad868966b257afa1df782e48875.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
8f8673e6c6353187dbb460088adc3099c2f35ad868966b257afa1df782e48875
Score
10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
suricata: ET MALWARE BAZAR CnC Domain in DNS Lookup
-
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-