Overview

overview

10

Static

static

10

d876282b5c7c28...90.exe

windows7_x64

10

d876282b5c7c28...90.exe

windows10-2004_x64

10
General
Target

d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe

Filesize

121KB

Completed

16-05-2022 11:08

Task

behavioral2

Score
10/10
MD5

06c2f7fadde3d4ef7562e31a55e30389

SHA1

c48f51d7245ee3b64f1f9cd6c747464346a1f890

SHA256

d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90

SHA512

74102dca72a3770c1ab7108b2aa06378b06aa7eff8ba191449283c361eee33bdef48e7bb05eeebd7d0134915c95a8bb7ec178c9e67a403f2d0d2e03f82cf7c9d

Malware Config
Signatures 1

Filter: none

  • BazarBackdoor

    Description

    Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

    Tags

    Reported IOCs

    descriptionflowioc
    HTTP URL54https://194.5.249.136/0174182006106700778355809849533170225770/2
Processes 1
  • C:\Users\Admin\AppData\Local\Temp\d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe
    "C:\Users\Admin\AppData\Local\Temp\d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe"
    PID:2928
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads