Analysis
-
max time kernel
132s -
max time network
140s -
platform
windows7_x64 -
resource
win7-en-20211104 -
submitted
25-11-2021 16:49
Static task
static1
Behavioral task
behavioral1
Sample
83a.dll
Resource
win7-en-20211104
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
83a.dll
Resource
win10-en-20211014
windows10_x64
0 signatures
0 seconds
General
-
Target
83a.dll
-
Size
278KB
-
MD5
8e91dc946e15d16b4c128e85fef3e047
-
SHA1
e6d47ebee8a3e870f01a2fe2664fb9ca6c8e5dac
-
SHA256
83a864de3939256d0a9d4d6523277329a1caa1a2a62238222f7865121d478843
-
SHA512
4d9c2eaa1af52b3ea4fb72b47d696bf7d57e1b414de254687184cf0196ac5f662bdef9c1066bac9089f5be27339cab60a3119915892ece1347f44c872706b4fe
Score
10/10
Malware Config
Signatures
-
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
-
Bazar/Team9 Loader payload 2 IoCs
Processes:
resource yara_rule behavioral1/memory/1452-56-0x0000000001F00000-0x0000000002008000-memory.dmp BazarLoaderVar6 behavioral1/memory/436-57-0x0000000001C20000-0x0000000001D28000-memory.dmp BazarLoaderVar6