81e6dcf2510ffc2400743e912448013f

General
Target

81e6dcf2510ffc2400743e912448013f

Size

316KB

Sample

210401-st7sfkvavx

Score

10/10
MD5

81e6dcf2510ffc2400743e912448013f

SHA1

b1b29fff6348b805851513ce8812990a2f5a4e39

SHA256

258ad65c676c26e608f331bc538a985fd4ac019c6ca4229e4e197acaa93d82c4

SHA512

f1e8cc52664acb684ab9f06227d28de19629de888fdb73ad42f325199e587388301751cdd8c10680127b5d6a439c98da9a25252951ba6bb26648880714a596bc

Malware Config
Targets
Target

81e6dcf2510ffc2400743e912448013f

Tags

Signatures

  • Bazar Loader

    Description

    Detected loader normally used to deploy BazarBackdoor malware.

    Tags

  • Bazar/Team9 Loader payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup Folder
    Modify Registry

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1