General
-
Target
38c9c3800dea2761b7faec078e4bbd2794b93a251513b3f683ae166d7f186d19
-
Size
173KB
-
Sample
220220-kbypdabehk
-
MD5
b2ad62cb18486b86aae7d53236ef9ed6
-
SHA1
339e753ca417dfd0a368bd368a5d5f0d656f22fd
-
SHA256
38c9c3800dea2761b7faec078e4bbd2794b93a251513b3f683ae166d7f186d19
-
SHA512
4d9efbc148953b07c5b11d609aa5c52d5497608f80ee28743a8bc5a313d5613d4ba770f76e893b29e4aed2620d1141c00027f87bf76496c6e35caec77266c9b9
Malware Config
Targets
-
-
Target
38c9c3800dea2761b7faec078e4bbd2794b93a251513b3f683ae166d7f186d19
-
Size
173KB
-
MD5
b2ad62cb18486b86aae7d53236ef9ed6
-
SHA1
339e753ca417dfd0a368bd368a5d5f0d656f22fd
-
SHA256
38c9c3800dea2761b7faec078e4bbd2794b93a251513b3f683ae166d7f186d19
-
SHA512
4d9efbc148953b07c5b11d609aa5c52d5497608f80ee28743a8bc5a313d5613d4ba770f76e893b29e4aed2620d1141c00027f87bf76496c6e35caec77266c9b9
Score10/10-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
suricata: ET MALWARE Observed Malicious DNS Query (BazarLoader/Team9 Backdoor CnC Domain)
suricata: ET MALWARE Observed Malicious DNS Query (BazarLoader/Team9 Backdoor CnC Domain)
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-