Overview

overview

10

Static

static

SecuriteIn...58.exe

windows7_x64

10

SecuriteIn...58.exe

windows10_x64

10

Resubmissions

07-05-2021 04:03

210507-hng7crfr5s 10

05-05-2021 08:07

210505-38jr98rkr2 10

05-05-2021 05:50

210505-a1xkk2y93e 10

05-05-2021 05:21

210505-ldgzm9rsns 10

04-05-2021 21:54

210504-gxac1b6tga 10

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    04-05-2021 21:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.ArtemisTrojan.25081.13158.exe

  • Size

    564KB

  • MD5

    43de3367faeffa04f28ad1e3e1f154eb

  • SHA1

    f75d1719bb9a2f6a628a521a827bfbf26e44b9a2

  • SHA256

    93d3f7173b0983274a93717c4c605ff9e85d6cce59a17bd965ca881e436c1954

  • SHA512

    53825602540b72bf294ee47f06a682b809140fd982f6ab99a02e5dc0251774c5eb7243ab2117218f54512e2ee59e100d3644bbc509d40db7da9f52dd72b67069

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazar/Team9 Loader payload 2 IoCs
  • Tries to connect to .bazar domain 37 IoCs

    Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ArtemisTrojan.25081.13158.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ArtemisTrojan.25081.13158.exe"
    1⤵
      PID:2840
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ArtemisTrojan.25081.13158.exe
      C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ArtemisTrojan.25081.13158.exe 2230668269
      1⤵
        PID:3516

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2840-114-0x000001FEC61C0000-0x000001FEC61FE000-memory.dmp
        Filesize

        248KB

        Download
      • memory/3516-115-0x000001ECB9D80000-0x000001ECB9DBE000-memory.dmp
        Filesize

        248KB

        Download