General
-
Target
37d713860d529cbe4eab958419ffd7ebb3dc53bb6909f8bd360adaa84700faf2_unpacked
-
Size
223KB
-
Sample
221026-1tfvaahcel
-
MD5
267b23b206cde7086607e2c4471a97c4
-
SHA1
0dd83eb2235f1775b981ed992f121367f723b23c
-
SHA256
37d713860d529cbe4eab958419ffd7ebb3dc53bb6909f8bd360adaa84700faf2
-
SHA512
0485ab0d1ad5a33b890b39a14ad7ca5ec593524f6cda6a9dcee7d7a63fa4aee418ce174348b1151a52616cb25d3cd2d708cee5f5e9857585533c52e68d6ac5c8
-
SSDEEP
6144:fAae6VkU5vGSPOpU2FgSnFAedymPV7M5y7W5o/7q6jsDeUz:fAwVkU5vjPOzSSFtdDPVMAq6jsh
Behavioral task
behavioral1
Sample
37d713860d529cbe4eab958419ffd7ebb3dc53bb6909f8bd360adaa84700faf2_unpacked.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
37d713860d529cbe4eab958419ffd7ebb3dc53bb6909f8bd360adaa84700faf2_unpacked.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-