Analysis
max time kernel
106s
max time network
120s
platform
windows10_x64
resource
win10-en-20211104
submitted
25-11-2021 16:48
Static task
static1
Behavioral task
behavioral1
Sample
6e9.dll
Resource
win7-en-20211104
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
6e9.dll
Resource
win10-en-20211104
windows10_x64
0 signatures
0 seconds
General
Target
6e9.dll
Size
299KB
MD5
22b5e032fe580f4e2a9b60901b50a71a
SHA1
81dec8703a7fa0bb893ba71a47eece13ab18ca7c
SHA256
6e9dc528a78281330852cea1b921d9b2d2776573215e6df143021edb8e3e1dfa
SHA512
c78dc7bdfba8f57cf8d64977b05e46ef4ef81d7f99a80d1921f4d32176404dee667d26a898eb0650be2c8d965720b3ea3c4eae39c5e67bd8b01a528b32f1d2a1
Score
10/10
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload 2 IoCs
Processes:
resource    yara_rule
behavioral2/memory/2380-118-0x0000000002850000-0x0000000002A24000-memory.dmp    BazarLoaderVar6
behavioral2/memory/4068-119-0x000001DE42930000-0x000001DE42B04000-memory.dmp    BazarLoaderVar6