bazarbackdoor | d1d6903eedb32a290512f8d6e4e1f754cc587bef6e46e9659f61395e4eb096ea | Triage

Submit
Reports

Overview

overview

Static

static

1

pizzantu.png

windows7-x64

pizzantu.png

windows10-2004-x64

3

Sharing

General

Target

pizzantu.png
Size

19KB
Sample

230422-2l8qrsah31
MD5

847b6a46350d51e4cc4b4326942ed98c
SHA1

355b9eac979b8c4e3c625bd5319988c1dfbc256c
SHA256

d1d6903eedb32a290512f8d6e4e1f754cc587bef6e46e9659f61395e4eb096ea
SHA512

b4690f1c60d993676dcf6194d1d47f2c19724fecfdcdc22e48ace1eec03b5c9c982f378f46ce9f64db958ae75a708267d10ad773e209dd6d9e3f21968de81209
SSDEEP

384:Of3KP61C/J1Lkhu+N7706LTT5fHCPaQoJS1RBeRp4aoK9JmWY0WxGpQ:Of3a61m1LkPF706nBiP/oJCRe6BK9IR5

Score

10^/10

bazarbackdoor backdoor discovery upx

Static task

static1

Behavioral task

behavioral1

Sample

pizzantu.png

Resource

win7-20230220-en

bazarbackdoor backdoor discovery upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

pizzantu.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  pizzantu.png
- Size
  
  19KB
- MD5
  
  847b6a46350d51e4cc4b4326942ed98c
- SHA1
  
  355b9eac979b8c4e3c625bd5319988c1dfbc256c
- SHA256
  
  d1d6903eedb32a290512f8d6e4e1f754cc587bef6e46e9659f61395e4eb096ea
- SHA512
  
  b4690f1c60d993676dcf6194d1d47f2c19724fecfdcdc22e48ace1eec03b5c9c982f378f46ce9f64db958ae75a708267d10ad773e209dd6d9e3f21968de81209
- SSDEEP
  
  384:Of3KP61C/J1Lkhu+N7706LTT5fHCPaQoJS1RBeRp4aoK9JmWY0WxGpQ:Of3a61m1LkPF706nBiP/oJCRe6BK9IR5
Score

10^/10

bazarbackdoor backdoor discovery upx
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Bazar/Team9 Backdoor payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bazarbackdoorbackdoordiscoveryupx

behavioral2

© 2018-2024

Terms | Privacy