Resubmissions

22-10-2021 16:09    211022-tl4g2sbgh6    10
22-10-2021 15:52    211022-tbarzsbgg7    10

General

  • Target: a9fcda632ba40fae6b5a57b6783a0fc898f78ab30880329c8f655650c6e84f02.zip
  • Size: 223KB
  • Sample: 211022-tbarzsbgg7
  • MD5: ecfee954014dfc97d775350c7d28c807
  • SHA1: 04c3164e1e3257cf0f890f93781ad632d1852a2b
  • SHA256: 8c9dd9e1f962ea86e68867f6010d1350a8588d3414df01d5e1c3c16d5f95edfe
  • SHA512: 42d93fe0be80a4119980e12117852073bbaf09973c927e72f2ac50ffd947d2f5f1c7b001663d5c0b8b2ddcd6c4a6f69f6eede6a55cb9c338f5420ff05120f7e1

Targets

    • Target: a9fcda632ba40fae6b5a57b6783a0fc898f78ab30880329c8f655650c6e84f02
    • Size: 333KB
    • MD5: 8b2429cc08ac77262445bd9b8959ed96
    • SHA1: f85864df27316ac0cc6b55ba5cdd25a9fb78a201
    • SHA256: a9fcda632ba40fae6b5a57b6783a0fc898f78ab30880329c8f655650c6e84f02
    • SHA512: 616ca633297551d12b73be919d415729d4c3c7f0809b011386e195e5f6fcf8cf8cc5a873ae38aab48c08b7c011c7301650b460e57b5ea4754341d1620e3e42eb

    • Bazar Loader
      Detected loader normally used to deploy BazarBackdoor malware.

    • Bazar/Team9 Loader payload

    • Tries to connect to .bazar domain
      Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
