Analysis
max time kernel: 149s
max time network: 196s
platform: windows7_x64
resource: win7-en-20210920
submitted: 25-10-2021 19:15
Static task: static1
Behavioral task: behavioral1
Sample: GiecQSs.bin.dll
Resource: win7-en-20210920 (windows7_x64)
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: GiecQSs.bin.dll
Resource: win10-en-20211014 (windows10_x64)
0 signatures
0 seconds
General
Target: GiecQSs.bin.dll
Size: 186KB
MD5: 6bdc157542846873b3ea1854f4e93d76
SHA1: b14ed5008108b570ec40c3c2d8390d0efb31cef7
SHA256: fd17907d5c330897248b4eeb10b26bd72a1a9d15eb8422c80a4bf17a9eccc24d
SHA512: 2ecb5c8695e927369e464634d2464e6e6e25f660453b3b6c43b035d883627a57c90ccdc5da467b4b110ff735a445332735ca9413ad0c723fb4a11cbd4d82f045
Score: 10/10
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoCs)
Processes:
resource: behavioral1/memory/1112-54-0x00000000001C0000-0x00000000001F0000-memory.dmp
yara_rule: BazarLoaderVar5