General
Target
b9a239b2a4529fb7b9af59f566a023370b0a7731eaed40c971da4ab63e53b866
Size
412KB
Sample
211014-pk2vlshee8
MD5
d2ce8c98663fdb708eebe135d0698e2f
SHA1
226acd6a8c0b85d97d3a857ff97609bf78111c20
SHA256
b9a239b2a4529fb7b9af59f566a023370b0a7731eaed40c971da4ab63e53b866
SHA512
6ce3ee9aa0b2036f48cca0e1a85decbe338bf3a37790842f8a6665e1d3fa79d1b9e7e93857dbd6eaa4e2f6c27868cd7bebff0cce3f1f897881d921ca6a7d4f42
Static task
static1
Behavioral task
behavioral1
Sample
b9a239b2a4529fb7b9af59f566a023370b0a7731eaed40c971da4ab63e53b866.dll
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
b9a239b2a4529fb7b9af59f566a023370b0a7731eaed40c971da4ab63e53b866.dll
Resource
win10-en-20210920
Malware Config
Targets
Target
b9a239b2a4529fb7b9af59f566a023370b0a7731eaed40c971da4ab63e53b866
Score
10/10
Bazar/Team9 Loader payload
Blocklisted process makes network request
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.