General
-
Target
8c08b6c27c8e596e2721e5c0a2db31ff728f640da1583ae4020cc966621dd7f8
-
Size
116KB
-
Sample
220502-nsfrnsehcj
-
MD5
275b51360e89636c56f6a4ca34350a85
-
SHA1
1fd28c50c3b15d45c474593671a48f47a61ed577
-
SHA256
8c08b6c27c8e596e2721e5c0a2db31ff728f640da1583ae4020cc966621dd7f8
-
SHA512
53d8af211b5d5ff61eafade7bb2fbdd8f43f4b329fe006462a887c603c71c0ea1f97738b786e7969f4608370a4dfac895c83307bb063fdcbcca851c20fe17d02
Static task
static1
Behavioral task
behavioral1
Sample
8c08b6c27c8e596e2721e5c0a2db31ff728f640da1583ae4020cc966621dd7f8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8c08b6c27c8e596e2721e5c0a2db31ff728f640da1583ae4020cc966621dd7f8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
8c08b6c27c8e596e2721e5c0a2db31ff728f640da1583ae4020cc966621dd7f8
Score
10/10
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic on the DNS port to servers other than the configured DNS servers was detected.
-