bazarloader | dc8e3a725389f5825d8e611d28b479a35503a40683a698f48f9fea2426fbd94d | Triage

Submit
Reports

Overview

overview

Static

static

peju1.dll

windows7_x64

peju1.dll

windows10_x64

Sharing

General

Target

peju1
Size

840KB
Sample

211022-q74hdscfbk
MD5

94fa0cf27497a96b3272e8ff5d770f31
SHA1

2309adb1980222f4b2c55f3537c4fc9b086aab06
SHA256

dc8e3a725389f5825d8e611d28b479a35503a40683a698f48f9fea2426fbd94d
SHA512

58d325ec08f7b74bde23397e1f1505f81e98f447e5a310e437976f5deca0b42ee0377cf2f8df182781c793bb6afd64e2767ba690235ca2eae2f74f96f33ad1c0

Score

10^/10

bazarloader dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

peju1.dll

Resource

win7-en-20210920

bazarloader dropper loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

peju1.dll

Resource

win10-en-20210920

bazarloader dropper loader

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  peju1
- Size
  
  840KB
- MD5
  
  94fa0cf27497a96b3272e8ff5d770f31
- SHA1
  
  2309adb1980222f4b2c55f3537c4fc9b086aab06
- SHA256
  
  dc8e3a725389f5825d8e611d28b479a35503a40683a698f48f9fea2426fbd94d
- SHA512
  
  58d325ec08f7b74bde23397e1f1505f81e98f447e5a310e437976f5deca0b42ee0377cf2f8df182781c793bb6afd64e2767ba690235ca2eae2f74f96f33ad1c0
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Bazar/Team9 Loader payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

bazarloaderdropperloader

© 2018-2024

Terms | Privacy