Overview

overview

10

Static

static

029b714502...39.dll

windows11_x64

10

061dfb6a25...52.dll

windows11_x64

10

06d55f75d7...d2.dll

windows11_x64

10

24401ac43b...65.dll

windows11_x64

8

260e2d5769...40.dll

windows11_x64

10

26cd036960...18.dll

windows11_x64

10

2a0a88a2e5...4a.dll

windows11_x64

10

2f33217d51...94.dll

windows11_x64

10

336cdd146b...da.dll

windows11_x64

10

417c1828d9...73.dll

windows11_x64

10

4d3095c796...ee.dll

windows11_x64

10

54e526fe05...4c.dll

windows11_x64

10

6402b33d72...3b.dll

windows11_x64

10

64c044cb3e...db.dll

windows11_x64

10

671f477c30...4e.dll

windows11_x64

10

67785724b6...ce.dll

windows11_x64

10

6c6934613a...fb.dll

windows11_x64

10

6f63742c25...fd.dll

windows11_x64

10

813a9b03c6...48.dll

windows11_x64

10

839ac59a78...e3.dll

windows11_x64

10

85d0b72fe8...39.dll

windows11_x64

10

a34cb4049e...c4.dll

windows11_x64

1

a55c19c552...60.dll

windows11_x64

1

a98e988f03...48.dll

windows11_x64

10

acc31f97c3...27.dll

windows11_x64

10

b194eec1e5...c7.dll

windows11_x64

10

bac73f9cce...00.dll

windows11_x64

10

c5d2f0da18...0c.dll

windows11_x64

10

d559ee0a26...7e.dll

windows11_x64

8

db5276c0d5...79.dll

windows11_x64

10

e5efde9740...15.dll

windows11_x64

10

fe028e6f99...1c.dll

windows11_x64

10

Resubmissions

01-11-2021 12:31

211101-pp5r3ahha4 10

31-10-2021 09:03

211031-k1bwxacfaq 10

14-10-2021 01:44

211014-b6aflafeg4 10

Analysis

  • max time kernel
    530s
  • max time network
    549s
  • platform
    windows11_x64
  • resource
    win11
  • submitted
    01-11-2021 12:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f33217d51117cf3d6c6ed3ab50724964367fc7a85e1bb1dc87d241b8d953894.dll

  • Size

    172KB

  • MD5

    2c55997f5febc79d8aec77991f178138

  • SHA1

    9d6d02ba0d021b6cdbf1fb8f594ebab3214325da

  • SHA256

    2f33217d51117cf3d6c6ed3ab50724964367fc7a85e1bb1dc87d241b8d953894

  • SHA512

    099ad760edaf05a1b180f451c48762627bfc374c8ed2e1ff8969d18787a366495b3576cf7f3724c932d52fa34897e4ee57b7824df9c11d6f6784ec310ee40820

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazar/Team9 Loader payload 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\2f33217d51117cf3d6c6ed3ab50724964367fc7a85e1bb1dc87d241b8d953894.dll
    1⤵
      PID:4564
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f33217d51117cf3d6c6ed3ab50724964367fc7a85e1bb1dc87d241b8d953894.dll,DllRegisterServer {E2EE75D8-B359-4006-BB58-5F375D98AE32}
      1⤵
        PID:1736

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1736-147-0x000001E63E290000-0x000001E63E3BC000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/4564-146-0x0000000002AB0000-0x0000000002BDC000-memory.dmp
        Filesize

        1.2MB

        Download