19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca | Triage

Analysis

max time kernel
142s
max time network
152s
submitted
01-01-1970 00:00

Sharing

Report Analysis Logs

General

Target

iMemW.bin.dll
Size

161KB
MD5

e6be1b07398b7b5b293067dbcb0b7a98
SHA1

9b2040e9187df19bf422f90982e854820e07ae0c
SHA256

19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca
SHA512

37ca0c3278552d2346eeee1f36e6a7a9a20e3835a7199c66483631cdc138efc2705d333a477d0dc1580c7991b2bc502e1720d01998346f1bd5fd04d864d5055c

Score

8^/10

Malware Config

Signatures

Tries to connect to .bazar domain 4 IoCs
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.

Processes:

flow ioc

31 whitestorm9p.bazar
32 aqsouhyw.bazar
29 reddew28c.bazar
30 bluehail.bazar

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\iMemW.bin.dll
1⤵
PID:3160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...