Analysis
max time kernel: 122s
max time network: 167s
platform: windows7_x64
resource: win7-en-20210920
submitted: 21-10-2021 18:03
Static task: static1

Behavioral task: behavioral1
Sample: c18acf443a95d2f705fa3c8e0477622d.dll
Resource: win7-en-20210920, windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: c18acf443a95d2f705fa3c8e0477622d.dll
Resource: win10-en-20210920, windows10_x64
0 signatures
0 seconds
General
Target: c18acf443a95d2f705fa3c8e0477622d.dll
Size: 341KB
MD5: c18acf443a95d2f705fa3c8e0477622d
SHA1: f2077a96a8015f19fa21ca27b8203aa999aac2d5
SHA256: 4a3dc99f99af4f2d8bd707a4163886df47cbdf6934856c416785010334412043
SHA512: 22471dfc4b42cad9a0099a8e0ed17b45f23ab387c0d5bf9fe3786cfabea1e17ce3ecf9638d7027af311cbbe218ad72da2d24f8d9e742030d21875738aeb09c5f
Score: 10/10
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
suricata: ET MALWARE BazaLoader Activity (GET)
Bazar/Team9 Loader payload (1 IoCs)
Processes:
resource: behavioral1/memory/804-55-0x0000000001EB0000-0x00000000020D6000-memory.dmp
yara_rule: BazarLoaderVar5