General
Target: c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3
Size: 2.9MB
Sample: 221026-1tlershcfn
MD5: b3b2333fa8195ad7003b6b3624ec7271
SHA1: da702e36ccf5519831fec27904571c09cb1c200f
SHA256: c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3
SHA512: 1df2210c4a30176aa03baae8b2145fedf65c50b41f49fcd050727339303f4ef56acc814d47ea429cb39b2c863e9f8dea5063ee23cfb98a7285f6cb3d315d2e53
SSDEEP: 6144:pMjYlrdBoHRDl02h/1uO5/hlK7wDQhhJYaQ:pMjUdBoHRD/lg4/PlDEfYa

Behavioral task: behavioral1
Sample: c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3.exe
Resource: win10v2004-20220901-en

Malware Config
Targets
Target: c55f8979995df82555d66f6b197b0fbcb8fe30b431ff9760deae6927a584b9e3
Score: 10/10

BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.

Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.