bazarbackdoor | 9663dc275239aa93ceccedae7a0d54e10def18dd177d231264a323a4175a23d4 | Triage

Submit
Reports

Overview

overview

Static

static

rest.exe

windows7_x64

rest.exe

windows10_x64

Sharing

General

Target

rest.exe
Size

385KB
Sample

210505-mq8bqqpk6x
MD5

96764a0a62e66a147a3d4db0e59a6e34
SHA1

1364419833344aa6ab3f301059d43b9506197501
SHA256

9663dc275239aa93ceccedae7a0d54e10def18dd177d231264a323a4175a23d4
SHA512

71855c2e52c1b65697a6a0843373d2039dc50db4155415dd7c76707870cdf05b1a829145837f3ec10801bdfa79a5dc44afb83b87da78472533394006c8cf38e7

Score

10^/10

bazarbackdoor bazarloader backdoor dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

rest.exe

Resource

win7v20210408

bazarbackdoor bazarloader backdoor dropper loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

rest.exe

Resource

win10v20210408

bazarbackdoor bazarloader backdoor dropper loader

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  rest.exe
- Size
  
  385KB
- MD5
  
  96764a0a62e66a147a3d4db0e59a6e34
- SHA1
  
  1364419833344aa6ab3f301059d43b9506197501
- SHA256
  
  9663dc275239aa93ceccedae7a0d54e10def18dd177d231264a323a4175a23d4
- SHA512
  
  71855c2e52c1b65697a6a0843373d2039dc50db4155415dd7c76707870cdf05b1a829145837f3ec10801bdfa79a5dc44afb83b87da78472533394006c8cf38e7
Score

10^/10

bazarbackdoor bazarloader backdoor dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- BazarBackdoor
  Stealthy backdoor targeting corporate networks, believed to be developed by Trickbot's authors.
  backdoor bazarbackdoor
- Bazar/Team9 Backdoor payload
- Bazar/Team9 Loader payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarbackdoorbazarloaderbackdoordropperloader

behavioral2

bazarbackdoorbazarloaderbackdoordropperloader

© 2018-2024

Terms | Privacy