General
-
Target
c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3_unpacked
-
Size
205KB
-
Sample
221026-1tl2ashce8
-
MD5
8b3215a899af33e3f6beb47a08787163
-
SHA1
6b14b1634706ddd60af62dd276645727c7762094
-
SHA256
e90ccb9d51a930f69b78aa0d2612c4af2741311088b9eb7731857579feef89c3
-
SHA512
82ce4c60c81b4317a033dcb1761b98de19ccf2fdc681b48d7a1ec7ba8e07651e981c107058f9da4fa566679d7c854ac0e68d3255fca2a504d32b9f2e8784231f
-
SSDEEP
6144:pMjYlrdBoHRDl02h/1uO5/hlK7wDQhhJYaQd:pMjUdBoHRD/lg4/PlDEfYaS
Behavioral task
behavioral1
Sample
c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3_unpacked.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3_unpacked.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3_unpacked
-
Score
10/10
-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-