Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    25-10-2021 18:38

General

  • Target

    cffg.dll

  • Size

    601KB

  • MD5

    51b142045a760b0f8adb2062994f9546

  • SHA1

    87917ffdb0b187f1ae31b02d96ed52a325335226

  • SHA256

    2d0a527a47bf7655dd64f3ad7e8b2beca2a84c5b191aceed95bca86ce23a334d

  • SHA512

    bd7daff31c21089a96183f6edb7cf20cb7b4de4a73dbabb1a143a18777579ff59b3fff66a111577c49ce9e4a8ed1b9211ab770de70d098b3682642c5d94099d5

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

  • Bazar/Team9 Loader payload 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cffg.dll,#1
    PID: 820

Network

MITRE ATT&CK Matrix


Downloads

  • memory/820-55-0x0000000180001000-0x000000018002E000-memory.dmp
    Filesize
    180KB

  • memory/820-54-0x0000000000110000-0x0000000000137000-memory.dmp
    Filesize
    156KB