General
Target: 1a19ad73601c5636654ea6b3167caba9de1c572ab2632b87ce9d702d0dcacf0b
Size: 580KB
Sample: 221026-1tcgvshcc6
MD5: b7d245ea334e2c1818cb757d7ef1f592
SHA1: c7411c8440593fac4b576b3d89504bf94b04ed1d
SHA256: 1a19ad73601c5636654ea6b3167caba9de1c572ab2632b87ce9d702d0dcacf0b
SHA512: daf198057de8563b81014619308a405455a2a12b6dd0f9c02042614d10a7c6a4a190f610634089d96b141f710e19fd3627cdfa70f133e4d54078ad6bf3870acb
SSDEEP: 6144:OJu7yDrEe9+FHM1sYr0JrU4ev9ZOh2At15jUR2EOjvktrYMZBxQTSAfGKEw:OJvD/Ys1l0JfW9H8C25jvMDZBxQ

Static task: static1

Behavioral task: behavioral1
Sample: 1a19ad73601c5636654ea6b3167caba9de1c572ab2632b87ce9d702d0dcacf0b.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 1a19ad73601c5636654ea6b3167caba9de1c572ab2632b87ce9d702d0dcacf0b.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 10/10

BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.

Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.