General
-
Target
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719
-
Size
116KB
-
Sample
220502-nsgc7sehck
-
MD5
7de28d47c6f1dbe38f892253ff530208
-
SHA1
019cd9232cb9df9109142f78fa5a7eaf91e5c549
-
SHA256
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719
-
SHA512
5da4e8e9e3e101291551b6c0570ce14b7c7be37a4b87a897dc11d0ed250b12df78fec4aed86c0203a9f35c0acba9b72e5d81eea01565c4287dbd3265b4f31c42
Static task
static1
Behavioral task
behavioral1
Sample
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719
-
Size
116KB
-
MD5
7de28d47c6f1dbe38f892253ff530208
-
SHA1
019cd9232cb9df9109142f78fa5a7eaf91e5c549
-
SHA256
4c0b10f54e62d48405351342ebf4a11ae449ac6377d091827d5a177c0e0f9719
-
SHA512
5da4e8e9e3e101291551b6c0570ce14b7c7be37a4b87a897dc11d0ed250b12df78fec4aed86c0203a9f35c0acba9b72e5d81eea01565c4287dbd3265b4f31c42
Score10/10-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-