General
Target: f351b6bef91b600954f23402eddc68deb0e2e2d3b6099a7250bc54ba3a2aff3e
Size: 231KB
Sample: 220327-b4degagbdk
MD5: ebba0a18ecb946c45f60a14be223c7d4
SHA1: cfbb5280e97aa589c3fa46ae2bc77c9523eba46a
SHA256: f351b6bef91b600954f23402eddc68deb0e2e2d3b6099a7250bc54ba3a2aff3e
SHA512: 71dea8c205883df79b154c1586e4be0fa9b784ae6d47a8718f9b09cc4b803e26b20f5ebc396376dfc1848a2e261e805b84c2d70ee1a8ccd5a234141715850f4a
Static task: static1
Behavioral task: behavioral1
Sample: f351b6bef91b600954f23402eddc68deb0e2e2d3b6099a7250bc54ba3a2aff3e.exe
Resource: win7-20220331-en
Behavioral task: behavioral2
Sample: f351b6bef91b600954f23402eddc68deb0e2e2d3b6099a7250bc54ba3a2aff3e.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: f351b6bef91b600954f23402eddc68deb0e2e2d3b6099a7250bc54ba3a2aff3e
Score: 8/10
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.