General
-
Target
f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_unpacked
-
Size
218KB
-
Sample
221026-1tpr7ahcgk
-
MD5
fdf79b8921487469919bb95b940899e6
-
SHA1
b07039a88dabe7ac577a41a931b85e33364250c9
-
SHA256
f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001
-
SHA512
e843759ca65392ae397b461e5605efa12594895c19e8a951f5621eb9b98dd834af8d9cfa61dda1252bef2bcca898ecf5a53f5363d56284b69b6ab529dec3ac7c
-
SSDEEP
6144:GoMuDd+j6cjDqcs2WFlNAemtEMb7+Nyh7+zTtLNY5Kb+:GoMGd+j6cjDqmCntm1b7+Y0rY5x
Behavioral task
behavioral1
Sample
f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_unpacked.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_unpacked.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
f4a5fe23e21b6b7d63fa2d2c96a4bc4a34b40fd40a921b237a50a5976fe16001_unpacked
Score
10/10
-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-