Overview

overview

10

Static

static

11e2a20a06...dd.exe

windows7-x64

1

11e2a20a06...dd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd

  • Size

    610KB

  • Sample

    221123-w6y46sha4x

  • MD5

    538539cdf1607da4c0af86945d464a20

  • SHA1

    3f6a1cf6a4d09681a7189ac09b669c736f383b3a

  • SHA256

    11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd

  • SHA512

    f169b0554f7a70ee770d1ea4b4b0575a4dad15424328d03d46b6fd99922e336d03d54dea2d7f70a5a1241ee82c73305eb79ad4ac5d167a82482a4c8c8a0f95f9

  • SSDEEP

    12288:btwGuFIlxzLhTqyLLgvyT84HDVBeKS+PyneW1vRHh:beDFOzh2vy1HjeXCkeW1r

Score
10/10
bazarbackdoorbackdoor

Malware Config

Targets

    • Target

      11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd

    • Size

      610KB

    • MD5

      538539cdf1607da4c0af86945d464a20

    • SHA1

      3f6a1cf6a4d09681a7189ac09b669c736f383b3a

    • SHA256

      11e2a20a0667267538dfa1a55409a06ddbfffa8984bcab3ea15fd2f69040e3dd

    • SHA512

      f169b0554f7a70ee770d1ea4b4b0575a4dad15424328d03d46b6fd99922e336d03d54dea2d7f70a5a1241ee82c73305eb79ad4ac5d167a82482a4c8c8a0f95f9

    • SSDEEP

      12288:btwGuFIlxzLhTqyLLgvyT84HDVBeKS+PyneW1vRHh:beDFOzh2vy1HjeXCkeW1r

    Score
    10/10
    bazarbackdoorbackdoor

    • BazarBackdoor

      Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.

      backdoorbazarbackdoor

    • Bazar/Team9 Backdoor payload

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks