General

  • Target

    2021-04-07-BazaLoader-malware-and-artifacts.zip

  • Size

    558KB

  • MD5

    79504ee399da4dcd08e91404878c13ec

  • SHA1

    4b3bf6815944f74a82a183c4ce21eebac1a250da

  • SHA256

    8287e916655be8dabc37550610daa219f5d5351eb8521da64ee9a22f9af7b5e4

  • SHA512

    c88b0b7ca1bfe2a9cbb107dfced15e1ddf78d40c24408010fb8b91991ed15df6a6e7d750fe1ed2460eaaaa21f796dd5cc3123e7252eaedffeb4afdf776439068

Score
8/10

Signatures

  • Suspicious Office macro (1 IoC)

    Office document equipped with 4.0 macros.

Files

  • 2021-04-07-BazaLoader-malware-and-artifacts.zip
    .zip

    Password: infected

  • 14118.biy
    .dll windows x86
  • 14118.doy
  • 14118.xlsb
  • 2021-04-07-registry-update-for-BazaLoader.txt
  • 2021-04-07-suspicious-registry-update.txt
  • B24C.tmp.dll
    .dll windows x64
  • NZM32A4.exe
    .exe windows x64
  • subscription_1617817060.xlsb
    .xlsb .xlsm office2007
  • thqsg.exe
    .exe windows x64