General

  • Target

    SecuriteInfo.com.Variant.Tedy.67730.15459.9774

  • Size

    1.7MB

  • Sample

    220118-x7wacacgb6

  • MD5

    93de860de91f118f3ca02d92d7406632

  • SHA1

    e6a63c3b12c0e9216189529837ff2c6acf6896ff

  • SHA256

    cde9da874805fce066203681f88254cb84d6be7d77b3f0794140decc1e1448ea

  • SHA512

    07afe2c79cb0ac26379504bbfd83d37eb085cc1cc50cf6a67c2e1a874cbb88a0be91fecca15e769c4fea3fe7d37178a2c8d6f5675ad6bf33c33cadb5e5d1346f

Malware Config

Extracted

  • Language

    xlm4.0 (Excel 4.0 macro)

  • Source

Targets

    • Target

      SecuriteInfo.com.Variant.Tedy.67730.15459.9774

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Bazar/Team9 Loader payload

    • Loads dropped DLL
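
The "Process spawned unexpected child process" and "Loads dropped DLL" signatures above describe a parent/child relationship check, not a specific command line. Added example, not code from the sandbox or from the report: a minimal version of that check in Python, run over constructed process-creation events shaped like Sysmon Event ID 1 fields. The Office host list, the suspicious-child list, the user-writable directory pattern and the sample events are all assumptions for illustration; nothing below is taken from this sample's behaviour.

```python
"""Flag Office hosts spawning unexpected children and loading DLLs from user-writable paths.

Added example (not from the sandbox report). Process lists and sample events are
assumptions constructed for illustration.
"""
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Assumption: Office hosts that should not normally launch script or loader hosts.
OFFICE_HOSTS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe"}
# Assumption: children commonly used to run a dropped payload or DLL.
SUSPICIOUS_CHILDREN = {
    "cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe",
    "mshta.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe", "msiexec.exe",
}
# Assumption: children Office spawns legitimately (printing, crash reporting).
ALLOWED_CHILDREN = {"splwow64.exe", "werfault.exe"}
# Assumption: directories a macro can write to without elevation.
USER_WRITABLE = re.compile(r"\\(AppData|Temp|ProgramData|Public|Downloads)\\", re.IGNORECASE)
DLL_PATH = re.compile(r'"?([A-Za-z]:\\[^",]+\.dll)', re.IGNORECASE)
DLL_HOSTS = {"rundll32.exe", "regsvr32.exe"}


@dataclass(frozen=True)
class ProcEvent:
    """Subset of a Sysmon Event ID 1 (process create) record."""
    pid: int
    ppid: int
    image: str
    parent_image: str
    command_line: str


def _base(path: str) -> str:
    """Lower-cased file name of a Windows image path."""
    return PureWindowsPath(path).name.lower()


def dropped_dll(command_line: str):
    """Return the DLL path from a rundll32/regsvr32 command line if it lives
    in a user-writable directory, else None."""
    m = DLL_PATH.search(command_line)
    if m and USER_WRITABLE.search(m.group(1)):
        return m.group(1)
    return None


def find_unexpected_children(events):
    """Return one finding per child of an Office host that is not on the allow list.
    Severity is 'high' for known script/loader hosts, 'medium' otherwise."""
    findings = []
    for ev in events:
        parent, child = _base(ev.parent_image), _base(ev.image)
        if parent not in OFFICE_HOSTS or child in ALLOWED_CHILDREN:
            continue
        findings.append({
            "pid": ev.pid,
            "ppid": ev.ppid,
            "parent": parent,
            "child": child,
            "severity": "high" if child in SUSPICIOUS_CHILDREN else "medium",
            "dropped_dll": dropped_dll(ev.command_line) if child in DLL_HOSTS else None,
        })
    return findings


# Constructed sample events (not from the report): one benign Office launch,
# one Office-spawned DLL host loading from Temp, one allowed helper, one
# unexpected but non-loader child.
SAMPLE_EVENTS = [
    ProcEvent(4100, 2200, r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
              r"C:\Windows\explorer.exe", '"EXCEL.EXE" invoice.xls'),
    ProcEvent(4180, 4100, r"C:\Windows\System32\rundll32.exe",
              r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
              r"rundll32.exe C:\Users\analyst\AppData\Local\Temp\upd.dll,DllRegisterServer"),
    ProcEvent(4190, 4100, r"C:\Windows\splwow64.exe",
              r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE", "splwow64.exe 12288"),
    ProcEvent(4300, 4210, r"C:\Windows\System32\notepad.exe",
              r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "notepad.exe notes.txt"),
]

if __name__ == "__main__":
    for finding in find_unexpected_children(SAMPLE_EVENTS):
        print(finding)
```

The allow list is deliberately short: an Office host launching anything outside it is worth a look, and the DLL-path check only upgrades a finding with the artifact a responder needs next (the file to pull for hashing and triage). Tune the lists against your own Office telemetry before deploying.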

MITRE ATT&CK Enterprise v6

Tasks