General

Target: main.php
Size: 329KB
Sample: 211029-qwckjaabcq
Score: 10/10
MD5: 9c9b58c38841af6f89ff90a746d63cec
SHA1: 95481d6dfa4660bd24ac519561269b6fbd4571c1
SHA256: 11f3d84aad7131fe124155c9edfceb594649e87de1ee03383f470442d6ed69a1
SHA512: 7b32798e4652f05861cdb5e03abb1eeebe4183c4f5411cc73166fc1e31dab37c00104e3cc035b2fc9c8c3300b561c17b9cffccc8af79fbc78ea2b1b1e721b518

Signatures

  • Bazar Loader
    Description: Detected loader normally used to deploy BazarBackdoor malware.

  • suricata: ET MALWARE BazaLoader Activity (GET)

  • Bazar/Team9 Loader payload

MITRE ATT&CK Matrix
Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks
static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10