Resubmissions

19/01/2022, 20:47

220119-zk1yesdbb4 10

19/01/2022, 20:28

220119-y9hmpschhp 1

General

  • Target

    https://1drv.ms/u/s!Aqdwe8MZEQc5b9Gbj2Cuj7NoiDo?e=fC5KAj

  • Sample

    220119-zk1yesdbb4

Targets

    • Target

      https://1drv.ms/u/s!Aqdwe8MZEQc5b9Gbj2Cuj7NoiDo?e=fC5KAj

    • Bazar Loader

      Detected loader normally used to deploy BazarBackdoor malware.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Bazar/Team9 Loader payload

    • Blocklisted process makes network request

    • Loads dropped DLL
