Overview

overview

10

Static

static

029b714502...39.dll

windows11_x64

10

061dfb6a25...52.dll

windows11_x64

10

06d55f75d7...d2.dll

windows11_x64

10

24401ac43b...65.dll

windows11_x64

8

260e2d5769...40.dll

windows11_x64

10

26cd036960...18.dll

windows11_x64

10

2a0a88a2e5...4a.dll

windows11_x64

10

2f33217d51...94.dll

windows11_x64

10

336cdd146b...da.dll

windows11_x64

10

417c1828d9...73.dll

windows11_x64

10

4d3095c796...ee.dll

windows11_x64

10

54e526fe05...4c.dll

windows11_x64

10

6402b33d72...3b.dll

windows11_x64

10

64c044cb3e...db.dll

windows11_x64

10

671f477c30...4e.dll

windows11_x64

10

67785724b6...ce.dll

windows11_x64

10

6c6934613a...fb.dll

windows11_x64

10

6f63742c25...fd.dll

windows11_x64

10

813a9b03c6...48.dll

windows11_x64

10

839ac59a78...e3.dll

windows11_x64

10

85d0b72fe8...39.dll

windows11_x64

10

a34cb4049e...c4.dll

windows11_x64

1

a55c19c552...60.dll

windows11_x64

1

a98e988f03...48.dll

windows11_x64

10

acc31f97c3...27.dll

windows11_x64

10

b194eec1e5...c7.dll

windows11_x64

10

bac73f9cce...00.dll

windows11_x64

10

c5d2f0da18...0c.dll

windows11_x64

10

d559ee0a26...7e.dll

windows11_x64

8

db5276c0d5...79.dll

windows11_x64

10

e5efde9740...15.dll

windows11_x64

10

fe028e6f99...1c.dll

windows11_x64

10

Resubmissions

01-11-2021 12:31

211101-pp5r3ahha4 10

31-10-2021 09:03

211031-k1bwxacfaq 10

14-10-2021 01:44

211014-b6aflafeg4 10

Analysis

  • max time kernel
    583s
  • max time network
    602s
  • platform
    windows11_x64
  • resource
    win11
  • submitted
    01-11-2021 12:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    029b714502283599a5efb86d41c48fd46751ab727b707bde620e517ec3aa3c39.dll

  • Size

    288KB

  • MD5

    6baeb5a0cd83e3a9878dc4d6d7a5509c

  • SHA1

    93e655f671e4485473f0803787097e1f6a48a64c

  • SHA256

    029b714502283599a5efb86d41c48fd46751ab727b707bde620e517ec3aa3c39

  • SHA512

    dacd268b6bfad43f6c800a4c133b2e9d59477b77a93018d4c1c1cbf7086d5cdb400073bcc06a55a88fa80dd49d4e214332695ef9ed2ff6ea323c26441c8531b8

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazar/Team9 Loader payload 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\029b714502283599a5efb86d41c48fd46751ab727b707bde620e517ec3aa3c39.dll
    1⤵
      PID:2760
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Users\Admin\AppData\Local\Temp\029b714502283599a5efb86d41c48fd46751ab727b707bde620e517ec3aa3c39.dll,StartW {9736927E-4415-4FDB-8582-A0998AD8E070}
      1⤵
        PID:2924

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2760-146-0x0000000002A10000-0x0000000002AEC000-memory.dmp
        Filesize

        880KB

        Download
      • memory/2924-147-0x00000277B81D0000-0x00000277B82AC000-memory.dmp
        Filesize

        880KB

        Download