General
-
Target
jre-8u331-windows-x64.exe
-
Size
82.9MB
-
Sample
220422-xk7d4abdgn
-
MD5
6e2c973cf5a1ab5290e7923da6a0a652
-
SHA1
ef6360a19084e15a55f080ca1a0e9cc2e0231308
-
SHA256
20a3990bf57c65dfada53558ea94b54db8c7ae5aefa86c612ffbe475c6215b98
-
SHA512
614d6108712d301222949f531679d915e9158cce7b05c66b8f10392b0743c2cd24c8d71b2c1dd3c52ce95f733d30f7d77511d9b333d6135c3a8931767501ca76
Static task
static1
Behavioral task
behavioral1
Sample
jre-8u331-windows-x64.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
jre-8u331-windows-x64.exe
-
Size
82.9MB
-
MD5
6e2c973cf5a1ab5290e7923da6a0a652
-
SHA1
ef6360a19084e15a55f080ca1a0e9cc2e0231308
-
SHA256
20a3990bf57c65dfada53558ea94b54db8c7ae5aefa86c612ffbe475c6215b98
-
SHA512
614d6108712d301222949f531679d915e9158cce7b05c66b8f10392b0743c2cd24c8d71b2c1dd3c52ce95f733d30f7d77511d9b333d6135c3a8931767501ca76
Score10/10-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Bazar/Team9 Backdoor payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-