General
-
Target
11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd
-
Size
610KB
-
Sample
221123-w6y46sha4x
-
MD5
538539cdf1607da4c0af86945d464a20
-
SHA1
3f6a1cf6a4d09681a7189ac09b669c736f383b3a
-
SHA256
11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd
-
SHA512
f169b0554f7a70ee770d1ea4b4b0575a4dad15424328d03d46b6fd99922e336d03d54dea2d7f70a5a1241ee82c73305eb79ad4ac5d167a82482a4c8c8a0f95f9
-
SSDEEP
12288:btwGuFIlxzLhTqyLLgvyT84HDVBeKS+PyneW1vRHh:beDFOzh2vy1HjeXCkeW1r
Static task
static1
Behavioral task
behavioral1
Sample
11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd
-
Score
10/10
-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Bazar/Team9 Backdoor payload
-
Executes dropped EXE
-
Drops file in System32 directory
-