General
-
Target
resource.dll
-
Size
411KB
-
Sample
211208-mtc7hahgar
-
MD5
e213401158fcd632f758cd8bda224c7a
-
SHA1
407852c802d47e368f8e92a14c3b107eb34ec68b
-
SHA256
4a5f37ff394af7a750b1933c3e77b927043e933bfa715c917c824fbc645c940c
-
SHA512
66e3485f72a76f51ca97a9cbcc893c25f3feffccb75de4429bf69523174c5881552bb54c95977cc9684667b756cf9fa02e3c4ed00a487b5ae177f12cf12954af
Static task
static1
Behavioral task
behavioral1
Sample
resource.dll
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
resource.dll
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
resource.dll
-
Size
411KB
-
MD5
e213401158fcd632f758cd8bda224c7a
-
SHA1
407852c802d47e368f8e92a14c3b107eb34ec68b
-
SHA256
4a5f37ff394af7a750b1933c3e77b927043e933bfa715c917c824fbc645c940c
-
SHA512
66e3485f72a76f51ca97a9cbcc893c25f3feffccb75de4429bf69523174c5881552bb54c95977cc9684667b756cf9fa02e3c4ed00a487b5ae177f12cf12954af
Score10/10-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Tries to connect to .bazar domain
Attempts to lookup or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
-