Resubmissions

16-03-2022 10:58

220316-m219ascgd6 10

16-09-2021 14:03

210916-rc1npagdel 10

15-09-2021 23:08

210915-24mw1sbeb5 1

General

  • Target

    DialogGL.EXE

  • Size

    224KB

  • Sample

    210916-rc1npagdel

  • MD5

    3e494cf9a64f6836638f8f99d4015d5b

  • SHA1

    de1d042453c77ba66bb9993c40245fd493fcb679

  • SHA256

    1625a3baefca74d244796f8ba85972350fda0994cf6752ac4d8ea8ff93052f42

  • SHA512

    e2db480175db189de53d35fe6a2318f9ccafec0ca709efa35d38444f52ab1a4db60a7ce9f4414131ee478dd262c50d904eec5eaf6fbd98b2ca2e95c590c89dee

Malware Config

Targets

    • Target

      DialogGL.EXE

    • Size

      224KB

    • MD5

      3e494cf9a64f6836638f8f99d4015d5b

    • SHA1

      de1d042453c77ba66bb9993c40245fd493fcb679

    • SHA256

      1625a3baefca74d244796f8ba85972350fda0994cf6752ac4d8ea8ff93052f42

    • SHA512

      e2db480175db189de53d35fe6a2318f9ccafec0ca709efa35d38444f52ab1a4db60a7ce9f4414131ee478dd262c50d904eec5eaf6fbd98b2ca2e95c590c89dee

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Bazar/Team9 Loader payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks