bazarbackdoor | 20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1 | Triage

Submit
Reports

Overview

overview

Static

static

20c2439409...d1.exe

windows7_x64

20c2439409...d1.exe

windows10-2004_x64

Sharing

General

Target

20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1
Size

309KB
Sample

220220-leb58aahg6
MD5

006f8bd0cd7e820705dec7bb3a7a7cf5
SHA1

5ba53424dba83649da8c19819a6a9c71646bf73b
SHA256

20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1
SHA512

e1be8a09c2b32c2a7596b4c5177d3261875c5dffbbc2505c8db4512fe6b6f26afc9f5a7da4b0d265a4c4f869f60f0c2f61668b61da78d0e07f637f1fc3567536

Score

10^/10

bazarbackdoor backdoor

Static task

static1

Behavioral task

behavioral1

Sample

20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1.exe

Resource

win7-en-20211208

bazarbackdoor backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1.exe

Resource

win10v2004-en-20220113

bazarbackdoor backdoor

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1
- Size
  
  309KB
- MD5
  
  006f8bd0cd7e820705dec7bb3a7a7cf5
- SHA1
  
  5ba53424dba83649da8c19819a6a9c71646bf73b
- SHA256
  
  20c243940905f28e65c314b7d5145fed8f73891cc56a8d09ca8450b8a0191fd1
- SHA512
  
  e1be8a09c2b32c2a7596b4c5177d3261875c5dffbbc2505c8db4512fe6b6f26afc9f5a7da4b0d265a4c4f869f60f0c2f61668b61da78d0e07f637f1fc3567536
Score

10^/10

bazarbackdoor backdoor
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarbackdoorbackdoor

behavioral2

bazarbackdoorbackdoor

© 2018-2024

Terms | Privacy