General

  • Target

    2342c736572ab7448ef8da2540cdbf0bae72625e41dab8fff58866413854ca5c

  • Size

    144KB

  • Sample

    220220-lapkracaer

  • MD5

    11ca39d3b268610560b9f7595075bac0

  • SHA1

    696dcb01b69ca0d58c96745e10ba84d5377a8327

  • SHA256

    2342c736572ab7448ef8da2540cdbf0bae72625e41dab8fff58866413854ca5c

  • SHA512

    c72808e9b60761445d2864fdca296b4a77b1fa2a77bb0b434fb5a96bf5d5332dfa6ed71ad2ee5122163ff14251f5bedaf49a49ebc38ec6764e6007b551ad36cb

Targets

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    • suricata: ET MALWARE BAZAR CnC Domain in DNS Lookup

    • Tries to connect to .bazar domain

      Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
