bazarloader | 7f6996c95325b8b036a9f26516f2978eaaec1907f5044a4c7b54c672ebba813f | Triage

Analysis

max time kernel
4294180s
max time network
122s
platform
windows7_x64
resource
win7-20220311-en
submitted
17-03-2022 15:48

Sharing

Report Analysis Logs

General

Target

f22653ff5aa2ac3c7702b99f69ef9869969542a6a8c198db25b279de7aa24f7f.dll
Size

710KB
MD5

00eae92d3e9c0956067ac5b4d5042022
SHA1

597df7ed42f13d696c2be49d4034d3e24d7746c4
SHA256

f22653ff5aa2ac3c7702b99f69ef9869969542a6a8c198db25b279de7aa24f7f
SHA512

a9ef06b7dc7ffe24d7962047d39c20d09ec761a3115a9e36e2ae7a57d870abf724ccfdcb789719be04c9e466f17aa6a72741e13dcfde8c1fe2d37bc4f41a389a

Score

10^/10

bazarloader dropper loader

Malware Config

Signatures

Bazar Loader
Detected loader normally used to deploy BazarBackdoor malware.
loader dropper bazarloader

Bazar/Team9 Loader payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1888-54-0x0000000000130000-0x000000000015B000-memory.dmp	BazarLoaderVar6

BazarLoader 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1888-54-0x0000000000130000-0x000000000015B000-memory.dmp	BazarLoader

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\f22653ff5aa2ac3c7702b99f69ef9869969542a6a8c198db25b279de7aa24f7f.dll,#1
1⤵
PID:1888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1888-54-0x0000000000130000-0x000000000015B000-memory.dmp

Filesize
172KB

Download