Analysis
max time kernel
142s
max time network
152s
submitted
01-01-1970 00:00
Static task
static1
Behavioral task
behavioral1
Sample
iMemW.bin.dll
Resource
win7-en-20211014
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
iMemW.bin.dll
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
General
Target
iMemW.bin.dll
Size
161KB
MD5
e6be1b07398b7b5b293067dbcb0b7a98
SHA1
9b2040e9187df19bf422f90982e854820e07ae0c
SHA256
19577cb3266c3944ad074baf9878ae7e576e5bcd9abc261f40c62a84baa5c3ca
SHA512
37ca0c3278552d2346eeee1f36e6a7a9a20e3835a7199c66483631cdc138efc2705d333a477d0dc1580c7991b2bc502e1720d01998346f1bd5fd04d864d5055c
Score
8/10
Malware Config
Signatures
Tries to connect to .bazar domain 4 IoCs
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
Processes:
flow  ioc
31    whitestorm9p.bazar
32    aqsouhyw.bazar
29    reddew28c.bazar
30    bluehail.bazar