General

  • Target

    3ac316aac73c0740b4991a78b88832bf

  • Size

    1.7MB

  • Sample

    220118-3t17bseac7

  • MD5

    3ac316aac73c0740b4991a78b88832bf

  • SHA1

    5b9890709fb8c6a3f22868992fed7dbc2dfcc003

  • SHA256

    a2e85069fc46ebd9d42f5032342656337b40583c3f94f82f653e17dd5bae7f5f

  • SHA512

    fba4392e148a1dc6c4214217cddea51f104b1b193a4dd4eca5b904fd5a96bc68bc4988ab02a22ea0d576f081b4154931813c2a957697ed9613bde0afd8690c0a

Malware Config

Extracted

Language
xlm4.0 (Excel 4.0 / XLM macro sheet)
Source

Targets

    • Target

      3ac316aac73c0740b4991a78b88832bf

    • Size

      1.7MB

    • MD5

      3ac316aac73c0740b4991a78b88832bf

    • SHA1

      5b9890709fb8c6a3f22868992fed7dbc2dfcc003

    • SHA256

      a2e85069fc46ebd9d42f5032342656337b40583c3f94f82f653e17dd5bae7f5f

    • SHA512

      fba4392e148a1dc6c4214217cddea51f104b1b193a4dd4eca5b904fd5a96bc68bc4988ab02a22ea0d576f081b4154931813c2a957697ed9613bde0afd8690c0a

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro. With the extracted config language being xlm4.0, the macro path is the one to check first: an Office parent (here the Excel process that opened the workbook) starting a child that Office does not normally launch.

    • Bazar/Team9 Loader payload

    • Loads dropped DLL
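The two behavioural signatures above ("Process spawned unexpected child process" and "Loads dropped DLL") can be reproduced from ordinary endpoint telemetry. The block below is an added example and is not part of the Triage report or any Triage code: it replays a constructed, Sysmon-like event stream (process creation, file creation, image load) and raises the same two findings. The event shape, the process names, the file paths and the list of children Office is expected to spawn are all assumptions chosen for illustration; the report does not state which child process or which DLL path this sample used.

```python
"""Added example: rebuild the two Triage behavioural findings from
constructed process-create / file-create / image-load events.
All event values below are made up for illustration."""
from dataclasses import dataclass
from typing import List, Tuple

# Office hosts whose child processes are worth scrutinising (assumption).
OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe"}
# Children Office legitimately starts; anything else from an Office parent is flagged (assumption).
EXPECTED_OFFICE_CHILDREN = {"splwow64.exe", "dw20.exe", "dwwin.exe"}
# Locations a macro can write to without elevation; a DLL loaded from here
# after being written in the same session counts as a "dropped" DLL (assumption).
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")


@dataclass
class Event:
    kind: str             # "process_create", "file_create" or "image_load"
    ts: int               # monotonic timestamp, used to order the stream
    pid: int              # process that performed the action
    image: str            # full path of that process's executable
    parent_image: str = ""  # process_create only: the parent's executable
    target: str = ""      # file_create: path written; image_load: DLL path loaded


def basename(path: str) -> str:
    """Lower-cased file name without directory, tolerant of either slash style."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(events: List[Event]) -> List[Tuple]:
    """Return (signature, actor, detail, pid) tuples for the two behaviours.

    A DLL is only 'dropped' if a file_create for the same path was seen
    earlier in the stream AND the path is user-writable, so a load of a
    system DLL or of a file that pre-existed the session is not flagged.
    """
    findings: List[Tuple] = []
    dropped = {}  # lower-cased path -> (ts, writer pid)
    for e in sorted(events, key=lambda ev: ev.ts):
        if e.kind == "process_create":
            parent, child = basename(e.parent_image), basename(e.image)
            if parent in OFFICE_PARENTS and child not in EXPECTED_OFFICE_CHILDREN:
                findings.append(("process_spawned_unexpected_child", parent, child, e.pid))
        elif e.kind == "file_create":
            dropped[e.target.lower()] = (e.ts, e.pid)
        elif e.kind == "image_load":
            path = e.target.lower()
            if path in dropped and path.startswith(USER_WRITABLE):
                findings.append(("loads_dropped_dll", basename(e.image), path, e.pid))
    return findings


# Constructed sample stream: an Excel process drops a DLL into the user's
# temp directory, starts rundll32.exe, and that child loads the DLL.
# A benign Word -> splwow64 spawn and a system DLL load are included as
# controls that must NOT be flagged.
EXCEL = r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"
WORD = r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
RUNDLL = r"C:\Windows\System32\rundll32.exe"
DROPPED_DLL = r"C:\Users\victim\AppData\Local\Temp\update.dll"

SAMPLE_EVENTS = [
    Event("process_create", 1, 4100, EXCEL, parent_image=r"C:\Windows\explorer.exe"),
    Event("file_create", 2, 4100, EXCEL, target=DROPPED_DLL),
    Event("process_create", 3, 4212, RUNDLL, parent_image=EXCEL),
    Event("image_load", 4, 4212, RUNDLL, target=r"C:\Windows\System32\kernel32.dll"),
    Event("image_load", 5, 4212, RUNDLL, target=DROPPED_DLL),
    Event("process_create", 6, 4300, r"C:\Windows\splwow64.exe", parent_image=WORD),
]


def run_sample() -> List[Tuple]:
    """Convenience entry point: evaluate the constructed stream."""
    return detect(SAMPLE_EVENTS)


if __name__ == "__main__":
    for finding in run_sample():
        print(finding)
```

The ordering step matters: image-load and file-create events from different sources often arrive out of order, and "loads dropped DLL" is only meaningful when the write precedes the load. Tune `EXPECTED_OFFICE_CHILDREN` to what your own fleet actually shows for Office parents before relying on the first rule in production.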

MITRE ATT&CK Enterprise v6

Tasks