Resubmissions

22-10-2021 08:03

211022-jxpsxsbcg8 10

21-10-2021 18:03

211021-wm22qabebn 10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-10-2021 18:03

General

  • Target

    c18acf443a95d2f705fa3c8e0477622d.dll

  • Size

    341KB

  • MD5

    c18acf443a95d2f705fa3c8e0477622d

  • SHA1

    f2077a96a8015f19fa21ca27b8203aa999aac2d5

  • SHA256

    4a3dc99f99af4f2d8bd707a4163886df47cbdf6934856c416785010334412043

  • SHA512

    22471dfc4b42cad9a0099a8e0ed17b45f23ab387c0d5bf9fe3786cfabea1e17ce3ecf9638d7027af311cbbe218ad72da2d24f8d9e742030d21875738aeb09c5f

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

  • suricata: ET MALWARE BazaLoader Activity (GET)

  • Bazar/Team9 Loader payload 1 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\c18acf443a95d2f705fa3c8e0477622d.dll
    PID: 1996

Network

MITRE ATT&CK Matrix


Downloads

  • memory/1996-115-0x0000000002190000-0x00000000023B6000-memory.dmp
    Filesize
    2.1MB