General

Target: iCoreBr.jpg
Size: 1MB
Sample: 210727-v3d6d2mxcs
Score: 10/10
MD5: 132e6560ca121679635684e812586bba
SHA1: 6f48b7929e65aac27f3bf3cce24c7ad40624dc74
SHA256: c882f778e40b276c90d467816deda7605d9955e4302aa6ab7467aeae3f155048
SHA512: 3c3fd439c29e36a2ef174f82c4df36c89a87bbc2e280753166bc25b14b6066fc6b0eff7101e4b301e51722271b76ebdb79dbf58a201a7a4c8bcb64e708e6a4a5

Signatures

  • Bazar Loader

    Description

    Detected loader normally used to deploy BazarBackdoor malware.

  • Bazar/Team9 Loader payload

  • Loads dropped DLL

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder, Modify Registry

Tasks

static1
Score: N/A

behavioral1
Score: 10/10

behavioral2
Score: 10/10