bazarbackdoor | d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90 | Triage

Analysis

max time kernel
153s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
16-05-2022 11:05

Sharing

Report Analysis Logs

General

Target

d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe
Size

121KB
MD5

06c2f7fadde3d4ef7562e31a55e30389
SHA1

c48f51d7245ee3b64f1f9cd6c747464346a1f890
SHA256

d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90
SHA512

74102dca72a3770c1ab7108b2aa06378b06aa7eff8ba191449283c361eee33bdef48e7bb05eeebd7d0134915c95a8bb7ec178c9e67a403f2d0d2e03f82cf7c9d

Score

10^/10

bazarbackdoor backdoor

Malware Config

Signatures

BazarBackdoor 1 IoCs
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
backdoor bazarbackdoor

Processes:

description flow ioc

HTTP URL 54 https://194.5.249.136/0174182006106700778355809849533170225770/2

C:\Users\Admin\AppData\Local\Temp\d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe
"C:\Users\Admin\AppData\Local\Temp\d876282b5c7c28a56223908179c8064e49800ee371f6109f27ae092c80c92c90.exe"
1⤵
PID:2928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...