General

  • Target

    SharedFiles.dll

  • Size

    601KB

  • Sample

    211026-m7zmnahcb3

  • MD5

    fb88f4d22f14ca09ddeeca5d312f4d9f

  • SHA1

    734205a694689db504418101b91c9981e3a12deb

  • SHA256

    c17e71c7ae15fdb02a4e22df4f50fb44215211755effd6e3fc56e7f3e586b299

  • SHA512

    45031a4bbb1117c5e89f3538e5f363756c7a163d78be4346889f09df11d39b27e3d4e0de2a9b44e9d07f423db43416923aea1b1e5d92128cfc1bfb10f2acc291

Targets

    • Target

      SharedFiles.dll

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Bazar/Team9 Loader payload

    • Blocklisted process makes network request
