General
-
Target
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614
-
Size
461KB
-
Sample
220417-t321jsdge6
-
MD5
6744aa8b25616f7060b34933f29cb215
-
SHA1
86611fb1d7352b73f9206ffaad9d5651afbeb45a
-
SHA256
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614
-
SHA512
d402aed51a6229b64f151851bffe5b3c5a402e501b4dc3854eb3700d69f6cff8bd9e4647588daa5c31683175ae722f0e9681bbd7498d160a4104a6e360cd4287
Static task
static1
Behavioral task
behavioral1
Sample
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614
-
Size
461KB
-
MD5
6744aa8b25616f7060b34933f29cb215
-
SHA1
86611fb1d7352b73f9206ffaad9d5651afbeb45a
-
SHA256
b200c43ddc7ed92dddd0cd01ab7a7f785618013b9eaa85aa3da0a377db7d2614
-
SHA512
d402aed51a6229b64f151851bffe5b3c5a402e501b4dc3854eb3700d69f6cff8bd9e4647588daa5c31683175ae722f0e9681bbd7498d160a4104a6e360cd4287
Score10/10-
Bazar/Team9 Loader payload
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-