General
-
Target
94dcaa51e792d1fa266cae508c2c62a2ca45b94e2fdfbca7ea126b6cd7bc5b21_unpacked
-
Size
174KB
-
Sample
221026-1tj7pshcfk
-
MD5
3078b0b4b1dc48d62019d6ccca9cf098
-
SHA1
53ee27c7893574d496a0b512363e690ac9f6d7ba
-
SHA256
94dcaa51e792d1fa266cae508c2c62a2ca45b94e2fdfbca7ea126b6cd7bc5b21
-
SHA512
303ab278370c58b2bdb222646c694deb158aace09e7d28d3871d1382feafaf335c35ef3e32f020970cb477454a93df3c1b8eb6886f7b56f0b80f536c76a96045
-
SSDEEP
3072:gR/Pka9yhzIPXsqafERgQC2mCeA1kjy0dPRXCuJDIPgfCcV/L6OT:y/PczIf3SEFGjy0d9CudZC4
Static task
static1
Behavioral task
behavioral1
Sample
94dcaa51e792d1fa266cae508c2c62a2ca45b94e2fdfbca7ea126b6cd7bc5b21_unpacked.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
94dcaa51e792d1fa266cae508c2c62a2ca45b94e2fdfbca7ea126b6cd7bc5b21_unpacked.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
94dcaa51e792d1fa266cae508c2c62a2ca45b94e2fdfbca7ea126b6cd7bc5b21_unpacked
-
Score
10/10
-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-