bazarbackdoor | 273fe2b92f8c123f28340660bf9a7dee6f3bf2c88f4299c31c302f9c674d921d | Triage

Submit
Reports

Overview

overview

Static

static

jre-8u321-...64.exe

windows7-x64

jre-8u321-...64.exe

windows10-2004-x64

Sharing

General

Target

jre-8u321-windows-x64.exe
Size

82.0MB
Sample

230418-wbg76seg7w
MD5

5c4de2813b42c80a2d77983624512e7a
SHA1

0e645b1e56de38a5859d187d71c792ea7cb5735a
SHA256

273fe2b92f8c123f28340660bf9a7dee6f3bf2c88f4299c31c302f9c674d921d
SHA512

263b008f849b036be046c545b9944f230ac5153899bd689c44d9d2f6d5ce848454136daab54401c4e79a40c9a1c017c33eb6df16b1a010a0d43ef051aefb5688
SSDEEP

1572864:W9Dm4YjKurf8BTFLWx0Uy1nB2yVbB33Ec1lyKEgjg7VQppCCXfUvvs:W9mjKuzmTUynBrbB3UWlyKEg0GVXfIvs

Score

10^/10

bazarbackdoor backdoor upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

jre-8u321-windows-x64.exe

Resource

win7-20230220-en

bazarbackdoor backdoor upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

jre-8u321-windows-x64.exe

Resource

win10v2004-20230220-en

bazarbackdoor backdoor

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  jre-8u321-windows-x64.exe
- Size
  
  82.0MB
- MD5
  
  5c4de2813b42c80a2d77983624512e7a
- SHA1
  
  0e645b1e56de38a5859d187d71c792ea7cb5735a
- SHA256
  
  273fe2b92f8c123f28340660bf9a7dee6f3bf2c88f4299c31c302f9c674d921d
- SHA512
  
  263b008f849b036be046c545b9944f230ac5153899bd689c44d9d2f6d5ce848454136daab54401c4e79a40c9a1c017c33eb6df16b1a010a0d43ef051aefb5688
- SSDEEP
  
  1572864:W9Dm4YjKurf8BTFLWx0Uy1nB2yVbB33Ec1lyKEgjg7VQppCCXfUvvs:W9mjKuzmTUynBrbB3UWlyKEg0GVXfIvs
Score

10^/10

bazarbackdoor backdoor upx
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Bazar/Team9 Backdoor payload
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bazarbackdoorbackdoorupx

behavioral2

bazarbackdoorbackdoor

© 2018-2024

Terms | Privacy