General
-
Target
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780
-
Size
336KB
-
Sample
221026-1td1pahcc8
-
MD5
c6502d4dd27a434167686bfa4d183e89
-
SHA1
bddbceefe4185693ef9015d0a535eb7e034b9ec3
-
SHA256
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780
-
SHA512
e7958bbb238f6e484683e876d42e15ebea04ce00cedb7d377aec77eb008e4389f7e91454d9503ed5558c59c2bfbaf71530c8970e1e3a7ebe032ca8ba699c3ed9
-
SSDEEP
6144:xgITgAwvbsnWEwqVCA1jxlK11wdkWyloi/DyO:xgr/EwSCA1jXK1im/DyO
Static task
static1
Behavioral task
behavioral1
Sample
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
35683ac5bbcc63eb33d552878d02ff44582161d1ea1ff969b14ea326083ea780
-
Score
10/10
-
Bazar/Team9 Loader payload
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-