bazarloader | 19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca | Triage

Submit
Reports

Overview

overview

8

Static

static

iMemW.bin.dll

windows7_x64

1

iMemW.bin.dll

windows10_x64

8

Sharing

General

Target

iMemW.bin
Size

161KB
Sample

211027-w3ydgagcb3
MD5

e6be1b07398b7b5b293067dbcb0b7a98
SHA1

9b2040e9187df19bf422f90982e854820e07ae0c
SHA256

19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca
SHA512

37ca0c3278552d2346eeee1f36e6a7a9a20e3835a7199c66483631cdc138efc2705d333a477d0dc1580c7991b2bc502e1720d01998346f1bd5fd04d864d5055c

Score

10^/10

bazarloader

Static task

static1

Behavioral task

behavioral1

Sample

iMemW.bin.dll

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

iMemW.bin.dll

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  iMemW.bin
- Size
  
  161KB
- MD5
  
  e6be1b07398b7b5b293067dbcb0b7a98
- SHA1
  
  9b2040e9187df19bf422f90982e854820e07ae0c
- SHA256
  
  19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca
- SHA512
  
  37ca0c3278552d2346eeee1f36e6a7a9a20e3835a7199c66483631cdc138efc2705d333a477d0dc1580c7991b2bc502e1720d01998346f1bd5fd04d864d5055c
Score

8^/10
- Tries to connect to .bazar domain
  Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy