bazarbackdoor | d7d9d426d72d2a994839ecba5e9a08a246c0b23d7a894804f070bd18ce513e65 | Triage

Submit
Reports

Overview

overview

Static

static

1

krisp-1.21...O1.exe

windows7-x64

krisp-1.21...O1.exe

windows10-1703-x64

7

Resubmissions

22-09-2023 16:16

230922-tqtteabb38 7

11-04-2023 19:36

230411-ya81lsgd6x 10

11-04-2023 19:28

230411-x6tp5aeg65 7

Sharing

General

Target

krisp-1.21.1-installer_pQow-O1.exe
Size

1.7MB
Sample

230411-ya81lsgd6x
MD5

02aca2415c558b9d62d6d2c61f568f5d
SHA1

d2bb3e72371aee2d458bd2f147e56a9279e491e3
SHA256

d7d9d426d72d2a994839ecba5e9a08a246c0b23d7a894804f070bd18ce513e65
SHA512

5095f28f21a7b409d1ffb0a8e47ea741876c26436873d5ae3bb46ba6506b5f2baa866c0b3a8be61353ac3a472fe1d67bd93246509dd0c38040a0ab0ee6d7ce09
SSDEEP

24576:+7FUDowAyrTVE3U5FmxNfKzSYJMPaJPfrT90eKc4cgFLNPfs8duMpmsD:+BuZrEUeKzkwPH9RHgFLRdp/

Score

10^/10

bazarbackdoor backdoor

Static task

static1

Behavioral task

behavioral1

Sample

krisp-1.21.1-installer_pQow-O1.exe

Resource

win7-20230220-en

bazarbackdoor backdoor

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

krisp-1.21.1-installer_pQow-O1.exe

Resource

win10-20230220-en

windows10-1703-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  krisp-1.21.1-installer_pQow-O1.exe
- Size
  
  1.7MB
- MD5
  
  02aca2415c558b9d62d6d2c61f568f5d
- SHA1
  
  d2bb3e72371aee2d458bd2f147e56a9279e491e3
- SHA256
  
  d7d9d426d72d2a994839ecba5e9a08a246c0b23d7a894804f070bd18ce513e65
- SHA512
  
  5095f28f21a7b409d1ffb0a8e47ea741876c26436873d5ae3bb46ba6506b5f2baa866c0b3a8be61353ac3a472fe1d67bd93246509dd0c38040a0ab0ee6d7ce09
- SSDEEP
  
  24576:+7FUDowAyrTVE3U5FmxNfKzSYJMPaJPfrT90eKc4cgFLNPfs8duMpmsD:+BuZrEUeKzkwPH9RHgFLRdp/
Score

10^/10

bazarbackdoor backdoor
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Bazar/Team9 Backdoor payload
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bazarbackdoorbackdoor

behavioral2

© 2018-2024

Terms | Privacy