bazarloader | cb6ae87cc52a29f8671dd58dc9e91a9daf09ba6c71a4c41086b6d3258b420058 | Triage

Analysis

max time kernel
4294183s
max time network
137s
platform
windows7_x64
resource
win7-20220311-en
submitted
16-03-2022 20:01

Sharing

Report Analysis Logs

General

Target

6a1001beba0c62ba359adcdc9da15fec32705ad3cb9fe1a974fcb8efacec9a66.dll
Size

711KB
MD5

85057a64e9682991b188c4d222ee4ca1
SHA1

6c729ff537c7815e0723cca160b6def015342264
SHA256

6a1001beba0c62ba359adcdc9da15fec32705ad3cb9fe1a974fcb8efacec9a66
SHA512

d35f9cc8f00ef6d834ee3333526b77a0f4ab07edc20204592a1a3ddf15ef980457563d91bd12c39dadec9092923fff1fc276e122fba2a7761b5fcb57f2d36a26

Score

10^/10

bazarloader dropper loader

Malware Config

Signatures

Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
loader dropper bazarloader

Bazar/Team9 Loader payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1496-54-0x0000000000130000-0x000000000015B000-memory.dmp	BazarLoaderVar6

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6a1001beba0c62ba359adcdc9da15fec32705ad3cb9fe1a974fcb8efacec9a66.dll,#1
1⤵
PID:1496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1496-54-0x0000000000130000-0x000000000015B000-memory.dmp

Filesize
172KB

Download