Resubmissions
14-07-2024 08:16
240714-j6aelavgkf 328-03-2024 15:44
240328-s6f2tahh81 315-02-2024 03:14
240215-drq6xafb7s 605-02-2024 16:35
240205-t3whrsebaq 305-02-2024 16:32
240205-t17g9aeagl 308-12-2023 22:35
231208-2hv1haegb3 331-10-2023 16:20
231031-ttf2qaba4t 1024-10-2023 18:54
231024-xkm1fsgg8z 1020-09-2023 14:18
230920-rl8qnagg4s 1023-08-2023 22:11
230823-139hyshd3w 10General
-
Target
dl2.exe
-
Size
849KB
-
Sample
231024-xkm1fsgg8z
-
MD5
c2055b7fbaa041d9f68b9d5df9b45edd
-
SHA1
e4bd443bd4ce9029290dcd4bb47cb1a01f3b1b06
-
SHA256
342f04c4720590c40d24078d46d9b19d8175565f0af460598171d58f5ffc48f3
-
SHA512
18905b75938b8af9468b1aa3ffbae796a139c2762e623aa6ffb9ec2b293dd04aa1f90d1ed5a7dbda7853795a3688e368121a134c7f63e527a8e5e7679301a1dc
-
SSDEEP
12288:A3RY3yNqMRTF4q2rxHn2ot/81xpNQyjUXlmoe7ufjHAtjXD7r2:A3RY3R24q+xn/8Xp2yOl5fzQ/2
Static task
static1
Behavioral task
behavioral1
Sample
dl2.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
dl2.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
dl2.exe
-
Size
849KB
-
MD5
c2055b7fbaa041d9f68b9d5df9b45edd
-
SHA1
e4bd443bd4ce9029290dcd4bb47cb1a01f3b1b06
-
SHA256
342f04c4720590c40d24078d46d9b19d8175565f0af460598171d58f5ffc48f3
-
SHA512
18905b75938b8af9468b1aa3ffbae796a139c2762e623aa6ffb9ec2b293dd04aa1f90d1ed5a7dbda7853795a3688e368121a134c7f63e527a8e5e7679301a1dc
-
SSDEEP
12288:A3RY3yNqMRTF4q2rxHn2ot/81xpNQyjUXlmoe7ufjHAtjXD7r2:A3RY3R24q+xn/8Xp2yOl5fzQ/2
Score10/10-
BazarBackdoor
Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-