Overview

overview

10

Static

static

061dfb6a25...52.dll

windows7_x64

10

061dfb6a25...52.dll

windows10_x64

10

06d55f75d7...d2.dll

windows7_x64

10

06d55f75d7...d2.dll

windows10_x64

10

24401ac43b...65.dll

windows7_x64

1

24401ac43b...65.dll

windows10_x64

1

260e2d5769...40.dll

windows7_x64

10

260e2d5769...40.dll

windows10_x64

10

26cd036960...18.dll

windows7_x64

10

26cd036960...18.dll

windows10_x64

10

2a0a88a2e5...4a.dll

windows7_x64

10

2a0a88a2e5...4a.dll

windows10_x64

3

2f33217d51...94.dll

windows7_x64

10

2f33217d51...94.dll

windows10_x64

10

336cdd146b...da.dll

windows7_x64

10

336cdd146b...da.dll

windows10_x64

10

417c1828d9...73.dll

windows7_x64

10

417c1828d9...73.dll

windows10_x64

10

4d3095c796...ee.dll

windows7_x64

10

4d3095c796...ee.dll

windows10_x64

10

54e526fe05...4c.dll

windows7_x64

1

54e526fe05...4c.dll

windows10_x64

1

6402b33d72...3b.dll

windows7_x64

10

6402b33d72...3b.dll

windows10_x64

10

64c044cb3e...db.dll

windows7_x64

10

64c044cb3e...db.dll

windows10_x64

10

671f477c30...4e.dll

windows7_x64

10

671f477c30...4e.dll

windows10_x64

10

67785724b6...ce.dll

windows7_x64

1

67785724b6...ce.dll

windows10_x64

3

6c6934613a...fb.dll

windows7_x64

10

6c6934613a...fb.dll

windows10_x64

10

Resubmissions

01-11-2021 12:31

211101-pp5r3ahha4 10

31-10-2021 09:03

211031-k1bwxacfaq 10

14-10-2021 01:44

211014-b6aflafeg4 10

Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    14-10-2021 01:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c6934613abde41f82043bb7c269a1e614920a83a2b90eaf325ca7b998183efb.dll

  • Size

    172KB

  • MD5

    f943853cddc15b59823962b28f08b809

  • SHA1

    3e46675756a6f0dc722c620f3bc12610fe27c010

  • SHA256

    6c6934613abde41f82043bb7c269a1e614920a83a2b90eaf325ca7b998183efb

  • SHA512

    1a524916b6af5b071e2d4e533fb302b062383c2edb941a7a6e3d9e92897b2e7f612aa444eeff8c4de6499421f3823d54efa9b375b22c0fe6d301ff1bcb632985

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazar/Team9 Loader payload 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\6c6934613abde41f82043bb7c269a1e614920a83a2b90eaf325ca7b998183efb.dll
    1⤵
      PID:636
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Users\Admin\AppData\Local\Temp\6c6934613abde41f82043bb7c269a1e614920a83a2b90eaf325ca7b998183efb.dll,DllRegisterServer {66473296-9BFD-420D-88E9-9F0AE91234E1}
      1⤵
        PID:596

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/596-118-0x000001F2DD410000-0x000001F2DD53C000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/636-117-0x00000000027B0000-0x00000000028DC000-memory.dmp
        Filesize

        1.2MB

        Download