Analysis
max time kernel: 128s
max time network: 140s
platform: windows7_x64
resource: win7-en-20211014
submitted: 25-11-2021 15:52
Static task: static1

Behavioral task: behavioral1
Sample: 52.dll
Resource: win7-en-20211014, windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: 52.dll
Resource: win10-en-20211014, windows10_x64
0 signatures
0 seconds
General
Target: 52.dll
Size: 299KB
MD5: 1ce2ad0607e90dd209178e53d193a58b
SHA1: b46d8155ef68f312bfc1d4ababb29cd1615bcfc9
SHA256: 52e31fe3a868e269990b40e21937791d8a68c5ed8eb1df03d698a6ae5b8aef5b
SHA512: a0fd101e86b3c6fe50045665ecc04872eb93a0f51e116ea26346bb8f8985fea97392a811c1535fd7c1dcf77d8b000af765eef57f69c1f15e542421bd9ca56df0
Score: 10/10
Malware Config
Signatures

Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.

Bazar/Team9 Loader payload (2 IoCs)
Processes:
resource | yara_rule
behavioral1/memory/1584-56-0x0000000001E90000-0x0000000002064000-memory.dmp | BazarLoaderVar6
behavioral1/memory/796-57-0x0000000001D30000-0x0000000001F04000-memory.dmp | BazarLoaderVar6