Analysis
max time kernel: 4294148s
max time network: 34s
platform: windows7_x64
resource: win7-20220223-en
submitted: 11-03-2022 03:41
Static task: static1
Behavioral task: behavioral1
  Sample: cc41ec361915ff52fcce2d6a861b4b2acd8c7187965125600a93db585cdf934d.dll
  Resource: win7-20220223-en
Behavioral task: behavioral2
  Sample: cc41ec361915ff52fcce2d6a861b4b2acd8c7187965125600a93db585cdf934d.dll
  Resource: win10v2004-en-20220113
General
Target: cc41ec361915ff52fcce2d6a861b4b2acd8c7187965125600a93db585cdf934d.dll
Size: 710KB
MD5: eb7fbf38d547b3d134d64fceae6599d8
SHA1: 0900597b110bfd836c418be137f50e4c91198700
SHA256: cc41ec361915ff52fcce2d6a861b4b2acd8c7187965125600a93db585cdf934d
SHA512: 283dcabf7266f697ed5c1f757ab1fd4ce9224bb8cfec003421c5bbdf3a43a63f82729f1e97a6663ab0926c09b3576047d59746e6d43a6d7a99f9f4bccd012d98
Malware Config
Signatures
Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
Bazar/Team9 Loader payload (1 IoC)
Processes:
resource: behavioral1/memory/1664-54-0x0000000000390000-0x00000000003BB000-memory.dmp | yara_rule: BazarLoaderVar6
Downloads
memory/1664-54-0x0000000000390000-0x00000000003BB000-memory.dmp (Filesize: 172KB)