General
Target: 28b313f8a09e2512039b0e5bbfb67af2aee9b461bac9e0a455dbd409b7b621e3
Size: 5.7MB
Sample: 220508-t2pntscch3
MD5: ba54c9285faa654d9071fa8d2b3a0a84
SHA1: cdb4676ba2cf3cc21c3d7db315552756b4966b45
SHA256: 28b313f8a09e2512039b0e5bbfb67af2aee9b461bac9e0a455dbd409b7b621e3
SHA512: 1e726e61fd552e8970c0cc66e13d519fdadb9b6becfdd67788cd131ec0172a174a67e9d9c43aad9f5563684a68b74d1f30aee69869abb6d95ae8a68d10b0ae6d
Static task: static1

Behavioral task: behavioral1
Sample: 28b313f8a09e2512039b0e5bbfb67af2aee9b461bac9e0a455dbd409b7b621e3.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: 28b313f8a09e2512039b0e5bbfb67af2aee9b461bac9e0a455dbd409b7b621e3.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 28b313f8a09e2512039b0e5bbfb67af2aee9b461bac9e0a455dbd409b7b621e3
Score: 10/10
Bazar/Team9 Loader payload

Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.

Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.