bazarloader | bc5b812f4681af6921012d979b6306137a142df19dca1b9c2fcd393c9b4d7f6c | Triage

Submit
Reports

Overview

overview

Static

static

c59893a152...b4.dll

windows7_x64

c59893a152...b4.dll

windows10_x64

Sharing

General

Target

c59893a152b5eb07b5d95d26bd7d2208124c70b4.dll
Size

186KB
Sample

211025-z7zc4sgfe7
MD5

78de1f5c42d0446bd01c29e4707d432c
SHA1

c59893a152b5eb07b5d95d26bd7d2208124c70b4
SHA256

bc5b812f4681af6921012d979b6306137a142df19dca1b9c2fcd393c9b4d7f6c
SHA512

3d8f8f2ad7f6eefce3cc960797c32a402f08d5766b7cb45b60166a53e5d46304ddf7af4d24f42589363789fbe1178f5d2232c1e7f9c89a09c3f40f2bfbc171a8

Score

10^/10

bazarloader dropper loader

Static task

static1

Behavioral task

behavioral1

Sample

c59893a152b5eb07b5d95d26bd7d2208124c70b4.dll

Resource

win7-en-20210920

bazarloader dropper loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c59893a152b5eb07b5d95d26bd7d2208124c70b4.dll

Resource

win10-en-20210920

bazarloader dropper loader

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c59893a152b5eb07b5d95d26bd7d2208124c70b4.dll
- Size
  
  186KB
- MD5
  
  78de1f5c42d0446bd01c29e4707d432c
- SHA1
  
  c59893a152b5eb07b5d95d26bd7d2208124c70b4
- SHA256
  
  bc5b812f4681af6921012d979b6306137a142df19dca1b9c2fcd393c9b4d7f6c
- SHA512
  
  3d8f8f2ad7f6eefce3cc960797c32a402f08d5766b7cb45b60166a53e5d46304ddf7af4d24f42589363789fbe1178f5d2232c1e7f9c89a09c3f40f2bfbc171a8
Score

10^/10

bazarloader dropper loader
- Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.
  loader dropper bazarloader
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Bazar/Team9 Loader payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bazarloaderdropperloader

behavioral2

bazarloaderdropperloader

© 2018-2024

Terms | Privacy