Analysis
  max time kernel: 119s
  max time network: 131s
  platform: windows10_x64
  resource: win10-en-20211104
  submitted: 25-11-2021 16:48
Static task: static1

Behavioral task: behavioral1
  Sample: 73d.dll
  Resource: win7-en-20211104 (windows7_x64)
  0 signatures, 0 seconds

Behavioral task: behavioral2
  Sample: 73d.dll
  Resource: win10-en-20211104 (windows10_x64)
  0 signatures, 0 seconds
General
  Target: 73d.dll
  Size: 192KB
  MD5: 22772708f29d1d82688957f1ee572f40
  SHA1: cbba8f327d481e64327a05f5b58398c9eb17ceda
  SHA256: 73df9097a26595ae9455d866a9bcc9c703700b62946baadbe1d431805f7e2e2d
  SHA512: 48c1b78843e322d5fe9784ea861721211abd0a4d5b982b2f152e7e14f159ee103712224ca6ce9c788a659983fc84eb3eea04ca71e1e925c3a1e02b10a616e2db

Score: 10/10
Malware Config

Signatures

Bazar Loader
  Detected loader normally used to deploy BazarBackdoor malware.

Bazar/Team9 Loader payload (2 IoCs)
  Processes:
    resource                                                                      yara_rule
    behavioral2/memory/3620-118-0x0000000002BA0000-0x0000000002C9C000-memory.dmp  BazarLoaderVar6
    behavioral2/memory/648-119-0x0000016A8CE80000-0x0000016A8CF7C000-memory.dmp   BazarLoaderVar6